exploitDog

GHSA-965x-72v5-49v5

Опубликовано: 16 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.

Ссылки

EPSS

Процентиль: 99%

0.86806

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2022-3980

CVSS3: 9.8

nvd

около 3 лет назад

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.

EPSS

Процентиль: 99%

0.86806

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-611