7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.3%
The PHP OpenID Library contains an XML external entity injection vulnerability.
When processing specially crafted XRDS data, information on the server may be disclosed or server resources may be consumed excessively.
Apply a Patch
The source code in the repository has been fixed. Please apply the fixed code according to the code committed by the developer.