WhiteSource Vulnerability Database
We found results for “”
Good to know:
Date: February 23, 2016
XML External Entity Processing vulnerability in TYPO3 6.2.x before 6.2.19 and 7.6.x before 7.6.4. All XML processing within the TYPO3 CMS are vulnerable to XEE processing. This can lead to load internal and/or external (file) content within an XML structure.
Weakness Type (CWE)
XML Injection (aka Blind XPath Injection)CWE-91
Upgrade to version 6.2.19,7.6.4.
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||NONE|
|User Interaction (UI):||NONE|