Alexander Klink wrote about the Java bug in a blog post, in which he explained how the flaw could be used to send unauthorized e-mails from Java applications via the SMTP protocol, using Java's FTP ...

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

The FTP protocol injection issue in Java and Python can be leveraged to start a classic mode FTP connection, whitelisted by most firewalls, which attackers can use for nefarious purposes.

Many Java programmers use these tools to connect to FTP servers. As a matter of taste, these tools most likely prefer RFC959-like libraries. The URL and URLConnection classes only open streams for ...

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.