PT-2026-7582 · Unknown · Ebo Workstation
Published
2026-02-10
·
Updated
2026-02-11
·
CVE-2026-1227
CVSS v4.0
7.0
High
| Vector | AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
EBO Workstation (affected versions not specified)
Description
An issue exists due to improper restriction of XML external entity references, which could lead to unauthorized disclosure of local files, interaction within the EBO system, or denial of service. This occurs when a local user uploads a specially crafted TGML graphics file to the EBO server from the workstation. The vulnerability involves the handling of XML external entities, potentially allowing an attacker to access or manipulate data beyond the intended boundaries.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ebo Workstation