Описание
Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 7.5.1.1 (включая)
cpe:2.3:a:panasonic:fpwin_pro:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
github
больше 3 лет назад
Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.
EPSS
Процентиль: 36%
0.00154
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-611