exploitDog

GHSA-42gh-7xp2-q72c

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

Ссылки

EPSS

Процентиль: 90%

0.05789

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2018-19371

CVSS3: 6.5

nvd

около 7 лет назад

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

EPSS

Процентиль: 90%

0.05789

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611