CVE-2017-7464: It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE fla
Summary
CVE-2017-7464 is a vulnerability in the XML parsing component of JBoss EAP 7.0 that exposes it to XXE flaws. XXE (XML External Entity injection) is a technique in which malicious XML input tricks a parser into revealing sensitive data or accessing internal systems. An attacker who can supply XML content for the system to parse could cause denial of service (making the system unavailable), SSRF (server-side request forgery, in which the server is tricked into making requests to unintended targets), or a leak of sensitive information.
Vulnerability Details
CVSS Score
7.5
EPSS (30-day exploit probability)
EPSS: 0.5%
Classification
Attack Sophistication: Moderate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2017-7464
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%