Описание
A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).
Ссылки
- Product
- ExploitIssue TrackingThird Party Advisory
- Product
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:getsymphony:symphony:2.7.10:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00269
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
github
больше 3 лет назад
A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).
EPSS
Процентиль: 50%
0.00269
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-611