VYPR
High severity7.5NVD Advisory· Published Jan 9, 2018· Updated Jun 16, 2026

CVE-2012-3353

CVE-2012-3353

Description

The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.sling:org.apache.sling.jcr.contentloaderMaven
< 2.1.62.1.6

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.