PT-2019-9023 · Transition Technologies · The Scheduler
Published
2019-08-07
·
Updated
2019-08-14
·
CVE-2018-14383
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Transition Technologies "The Scheduler" app version 5.1.3
Description
The issue is related to a weakly configured XML parser, allowing XXE.
Recommendations
For version 5.1.3, update to version 5.2.1 or 3.3.7 to resolve the issue.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
The Scheduler