Google AdWords API client libraries – XML eXternal Entity Injection (XXE)

November 7, 2015 007admin Leave a comment

Posted by Dawid Golunski on Nov 07

Advisory URL:

http://legalhackers.com/advisories/Google-AdWords-API-libraries-XXE-Injection-Vulnerability.txt

=============================================
– Release date: 06.11.2015
– Discovered by: Dawid Golunski
– Severity: Medium/High
=============================================

I. VULNERABILITY
————————-

Google AdWords API client libraries – XML eXternal Entity Injection (XXE)

Confirmed in googleads-php-lib <=…

007 Software

Google AdWords API client libraries – XML eXternal Entity Injection (XXE)

Leave a Reply Cancel reply

Software and Security Information