Merge pull request #9191 from projectdiscovery/name-change

Update CVE-2023-42344.yaml
patch-1
Ritik Chaddha 2024-02-22 13:12:47 +05:30 committed by GitHub
commit b9549723d1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions

View File

@ -1,8 +1,8 @@
id: CVE-2023-42344
info:
name: OpenCMS - Unauthenticated XXE
author: x0xr2r
name: OpenCMS - XML external entity (XXE)
author: 0xr2r
severity: high
description: |
users can execute code without authentication. An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable.