CVE-2023-49234

Опубликовано: 29 мар. 2024

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

An XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local server files and exfiltrate data to an external server.

Ссылки

http://seclists.org/fulldisclosure/2024/Apr/3
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-006.txt
https://www.schutzwerk.com/blog/schutzwerk-sa-2023-006/
https://www.visual-planning.com/en/support-portal/updates
http://seclists.org/fulldisclosure/2024/Apr/3
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-006.txt
https://www.schutzwerk.com/blog/schutzwerk-sa-2023-006/
https://www.visual-planning.com/en/support-portal/updates

EPSS

Процентиль: 17%

0.00054

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-611

Связанные уязвимости

GHSA-3x6c-xfwc-qp7m