[Java SE] How To Prevent XXE Attack In Oracle Service Bus In JDK 8 (Doc ID 3076154.1)

Last updated on MARCH 10, 2025

Applies to:

Java SE JDK and JRE - Version 8 and later
Information in this document applies to any platform.

Symptoms

What has changed in the TransformerImpl class that cause the extra string (For example: 'x9lg2', 'uam36') to be added inside the transform() method in JDK 8, but not in JDK 11 and later?

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

[Java SE] How To Prevent XXE Attack In Oracle Service Bus In JDK 8 (Doc ID 3076154.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!