CVE-2018-15805

2018-12-1018:00:00

mitre

www.cve.org

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

64.7%

JSON

Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).

References

help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html#Release_v13_5.html

medium.com/%40mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c