Apache Sling vulnerabilities

CVE-2016-6798 [CRITICAL] CWE-611 CVE-2016-6798: In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (

CVE-2016-5394 [MEDIUM] CWE-79 CVE-2016-5394: In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.enco In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.