Описание
External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
EPSS
Процентиль: 32%
0.00123
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 4.9
github
11 месяцев назад
External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
EPSS
Процентиль: 32%
0.00123
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-611