CVE-2021-46365

Name of the Vulnerable Software and Affected Versions Magnolia versions 6.2.3 and below

Description An issue in the Export function of Magnolia allows attackers to execute arbitrary code via a crafted XLF file. This issue enables attackers to perform XML External Entity attacks.

Recommendations For Magnolia versions 6.2.3 and below, consider disabling the Export function until a patch is available to prevent arbitrary code execution via crafted XLF files. Restrict access to the Export function to minimize the risk of exploitation. Avoid using the Export function with crafted XLF files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.