Lucene search
MitreCVELIST:CVE-2023-28150HistoryMar 24, 2023 - 12:00 a.m.
CVE-2023-28150
2023-03-2400:00:00
mitre
www.cve.org
xml external entity injection
remote dtd
docx file
cve-2023-28150
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
51.8%
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
Related
nvd
nvd
CVE-2023-28150
2023-03-24 22:15:07
prion
prion
Xxe
2023-03-24 22:15:00
cve
cve
CVE-2023-28150
2023-03-24 22:15:07
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
51.8%
Related for CVELIST:CVE-2023-28150