PT-2023-12230 · Openkm · Openkm

Monkiki

Publicado

2023-02-17

Atualizado

2025-03-18

CVE-2021-33950

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenKM version 6.3.10

Description An issue in OpenKM allows attackers to obtain sensitive information via the XMLTextExtractor function.

Recommendations For OpenKM version 6.3.10, consider disabling the XMLTextExtractor function until a patch is available.

Correção

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2021-33950

Openkm