CVE-2019-17323

Name of the Vulnerable Software and Affected Versions ClipSoft REXPERT versions 1.0.0.527 and earlier

Description The issue allows for arbitrary file creation and execution through the report print function of the rexpert viewer by using a modified XML document. User interaction is required, where the target must visit a malicious web page to exploit this issue.

Recommendations For ClipSoft REXPERT versions 1.0.0.527 and earlier, consider disabling the report print function of the rexpert viewer until a fix is available to prevent arbitrary file creation and execution. Restrict access to modified XML documents to minimize the risk of exploitation.