CVE-2023-24323

Name of the Vulnerable Software and Affected Versions Mojoportal version 2.7

Description The issue is an authenticated XML external entity (XXE) injection vulnerability. This means that an attacker who has authenticated access to the system can potentially inject malicious XML code to access sensitive data or disrupt the system.

Recommendations For Mojoportal version 2.7, as a temporary workaround, consider restricting access to XML processing functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.