CVE-2019-17323

2019-10-3020:49:41

CWE-91

krcert

www.cve.org

8.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.0%

JSON

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

CNA Affected

[
  {
    "product": "REXPERT",
    "vendor": "ClipSoft",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0.527 and earlier"
      }
    ]
  }
]

References

www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35184