daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2018/CVE-2018-8033.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-16 14:14:48 -04:00
parent adc0c8523b
commit 943d342c4c
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cves/2018/CVE-2018-8033.yaml
View File

@ -1,12 +1,13 @@
id: CVE-2018-8033
info:
name: Apache OFBiz XXEtes
name: Apache OFBiz 16.11.04 - XML Entity Injection
author: pikpikcu
severity: high
description: XXE injection (file disclosure) exploit for Apache OFBiz 16.11.04
description: Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).
reference:
- https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E
- https://nvd.nist.gov/vuln/detail/CVE-2018-8033
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5