Launchpad.net

CVE 2016-6805

Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents.

See the CVE page on Mitre.org for more details.

References