Описание
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system.
EPSS
Процентиль: 11%
0.00038
Низкий
7.5 High
CVSS3
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 7.5
github
8 месяцев назад
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system.
EPSS
Процентиль: 11%
0.00038
Низкий
7.5 High
CVSS3
Дефекты
CWE-611