Adobe pushed out a hotfix for LiveCycle Data Services patching an XXE vulnerability in BlazeDS. The company said the vulnerability, CVE-2015-3269, affects versions 4.7, 4.6.2 and 4.0.x on Windows, Macintosh and UNIX systems. Adobe is not aware of public exploits of this flaw, the company said in its advisory. Exploits against this bug could lead to information disclosure, Adobe said. The hotfix will not require a reboot, unlike most patches.
Source: https://threatpost.com/adobe-patches-xxe-vulnerability-in-livecycle-data-services/114331/