Skip to main content
Skip table of contents

2020-07-15

Performance improvement

We've made some changes to the Cloud version of XSD viewer. As a result, the performance has been greatly improved by streaming the attachments to the image / table generation component.

Resolved security vulnerability

By participating in the Marketplace Security Bug Bounty program, the following security vulnerability has been discovered:

Previous versions of XSD Viewer allowed an XXE vulnerability via Document Type Definition (DTD), this allows SSRF and Local File Inclusion. The discovered vulnerability allows an attacker read access to internal HTTP endpoints, as well as all files on the filesystem.

In the latest version of XSD viewer this vulnerability has been resolved by disallowing any DTD in the XSD parsing engine. We have resolved this vulnerability since security is our top priority.

Are you having any questions regarding this release? Please contact our Support Desk.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close