Описание
An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service.
EPSS
Процентиль: 57%
0.00352
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-776
Связанные уязвимости
CVSS3: 5.9
github
около 1 года назад
An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service.
EPSS
Процентиль: 57%
0.00352
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-776