Количество 2
Количество 2
CVE-2018-1000836
bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the Middle or malicious server.
GHSA-xmvg-w4f9-99r7
XML External Entity (XXE) vulnerability in bw-calendar-engine
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000836 bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the Middle or malicious server. | CVSS3: 9 | 0% Низкий | около 7 лет назад |
| GHSA-xmvg-w4f9-99r7 XML External Entity (XXE) vulnerability in bw-calendar-engine | CVSS3: 9 | 0% Низкий | около 7 лет назад |
Уязвимостей на страницу