Количество 2
Количество 2
CVE-2019-8126
An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can craft document type definition for an XML representing XML layout. The crafted document type definition and XML layout allow processing of external entities which can lead to information disclosure.
GHSA-427g-2r83-3ccm
Information disclosure through processing of external XML entities
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-8126 An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can craft document type definition for an XML representing XML layout. The crafted document type definition and XML layout allow processing of external entities which can lead to information disclosure. | CVSS3: 4.9 | 0% Низкий | больше 6 лет назад |
| GHSA-427g-2r83-3ccm Information disclosure through processing of external XML entities | CVSS3: 4.9 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу