exploitDog

GHSA-9r3q-3xmr-4wg3

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.9

Описание

Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.

Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.

Ссылки

EPSS

Процентиль: 51%

0.00276

Низкий

4.9 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2019-11519

CVSS3: 4.9

nvd

почти 7 лет назад

Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.

EPSS

Процентиль: 51%

0.00276

Низкий

4.9 Medium

CVSS3

CVE ID

Дефекты

CWE-611