CVE-2018-17169

2019-04-2313:34:01

mitre

www.cve.org

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.7%

JSON

An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

References

github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17169-XXE-PrinterON