Описание
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
Ссылки
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:forms_experience_builder:8.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_experience_builder:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_experience_builder:8.6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00112
Низкий
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 2.7
github
больше 3 лет назад
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
EPSS
Процентиль: 31%
0.00112
Низкий
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611