Lucene search

MitreCVELIST:CVE-2018-1000823

HistoryDec 20, 2018 - 3:00 p.m.

CVE-2018-1000823

2018-12-2015:00:00

mitre

www.cve.org

cve-2018-1000823

xml parser

xxe vulnerability

confidential data disclosure

denial of service

ssrf

port scanning

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

61.3%

JSON

exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

References

0dd.zone/2018/10/27/exist-XXE/

github.com/eXist-db/exist/issues/2180