exploitDog

GHSA-gjg3-8mx2-7f8f

Опубликовано: 06 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

Ссылки

EPSS

Процентиль: 99%

0.83277

Высокий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2022-38840

CVSS3: 7.5

nvd

почти 3 года назад

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

EPSS

Процентиль: 99%

0.83277

Высокий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-611