EIP-2026-102371

PRE-CVE

Grails PDF Plugin 0.6 - XML External Entity Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102371. PoCs published by Charles Fol.

AI-analyzed exploit summary This exploit demonstrates an XXE (XML External Entity) vulnerability in the Grails PDF Plugin 0.6. It uses a malicious DTD and a bounce server to exfiltrate arbitrary files from the target system by embedding them in a generated PDF.

Description

Grails PDF Plugin 0.6 - XML External Entity Injection

Exploits (1)

exploitdb WORKING POC

by Charles Fol · pythonwebappsjava

https://www.exploit-db.com/exploits/41466

View Code ZIP pw:eip

This exploit demonstrates an XXE (XML External Entity) vulnerability in the Grails PDF Plugin 0.6. It uses a malicious DTD and a bounce server to exfiltrate arbitrary files from the target system by embedding them in a generated PDF.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Grails PDF Plugin 0.6

No auth needed

Prerequisites: Access to a bounce server to host malicious DTD and HTML · Target application must be using Grails PDF Plugin 0.6

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1213 - Data from Information Repositories

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026