exploitDog

CVE-2018-16521

Опубликовано: 05 сент. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.

Ссылки

https://github.com/openmrs/openmrs-module-htmlformentry/pull/137
Patch
Third Party Advisory
https://github.com/openmrs/openmrs-module-htmlformentry/pull/138
Patch
Third Party Advisory
https://github.com/openmrs/openmrs-module-htmlformentry/pull/137
Patch
Third Party Advisory
https://github.com/openmrs/openmrs-module-htmlformentry/pull/138
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openmrs:html_form_entry:3.7.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:openmrs:reference_application:2.8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00312

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-pfpg-h57h-cgrj

CVSS3: 9.8

github

больше 3 лет назад

An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.

EPSS

Процентиль: 54%

0.00312

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-611