commit
b9549723d1
|
@ -1,8 +1,8 @@
|
|||
id: CVE-2023-42344
|
||||
|
||||
info:
|
||||
name: OpenCMS - Unauthenticated XXE
|
||||
author: x0xr2r
|
||||
name: OpenCMS - XML external entity (XXE)
|
||||
author: 0xr2r
|
||||
severity: high
|
||||
description: |
|
||||
users can execute code without authentication. An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable.
|
||||
|
|
Loading…
Reference in New Issue