PT-2018-9423 · Nemein · Openpsa
Prodigysml
·
Publicado
2018-06-26
·
Atualizado
2018-08-30
·
CVE-2018-1000526
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Openpsa versions prior to the version containing commit 4974a26
Description
The issue is related to a XML Injection vulnerability in the RSS file upload feature, which can lead to Remote denial of service. This can be exploited via a specially crafted XML file.
Recommendations
For versions prior to the version containing commit 4974a26, update to a version that includes the fix for this issue, which is available after commit 4974a26.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Openpsa