PT-2023-10155 · Unknown · Java-Xmlbuilder

Xiaoyongwu

·

Publicado

2023-02-19

·

Atualizado

2024-05-17

·

CVE-2014-125087

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions java-xmlbuilder versions up to 1.1
Description A vulnerability was found in the software, rated as problematic. It affects some unknown functionality and leads to xml external entity reference.
Recommendations For versions up to 1.1, upgrade to version 1.2 to address this issue.

Exploit

Correção

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-611

Identificadores relacionados

CVE-2014-125087
GHSA-3VRC-RRPW-R5PW

Produtos afetados

Java-Xmlbuilder