daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2020-11991.yaml

patch-1
Jongwon Baek 2022-11-29 14:33:38 +09:00 committed by GitHub
parent e0271e045a
commit a74a2b3f28
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2020/CVE-2020-11991.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2020-11991 id: CVE-2020-11991
info: info:
name: Apache Cocoon 2.1.12 XML Injection name: Apache Cocoon 2.1.12 - XML Injection
author: pikpikcu author: pikpikcu
severity: high severity: high
description: Apache Cocoon 2.1.12 is susceptible to XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used to access any file on the server system. description: Apache Cocoon 2.1.12 is susceptible to XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used to access any file on the server system.