PT-2026-36826 · Ilm Informatique · Jopendocument
Dominique Righetto
·
Published
2026-05-04
·
Updated
2026-05-04
·
CVE-2026-6501
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
jOpenDocument version 1.5
Description
Improper restriction of XML external entity reference in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This occurs when the application fails to properly restrict XML external entities, which are references to external files or resources within an XML document.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jopendocument