Lucene search
GoogleOSV:CVE-2021-26703HistoryMar 01, 2021 - 10:15 p.m.
CVE-2021-26703
2021-03-0122:15:14
Google
osv.dev
EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eprints3.4 | eq | 3.4.1-rc2 | |
| eprints3.4 | eq | 3.4.2-rc1 | |
| eprints3.4 | eq | 3.4.2 | |
| eprints3.4 | eq | 3.4.2-rc3 | |
| eprints3.4 | eq | 3.4.0 | |
| eprints3.4 | eq | 3.4.1 | |
| eprints3.4 | eq | 3.4.2-rc2 | |
| eprints3.4 | eq | 3.4.0-rc1 |
Related
cve
cve
CVE-2021-26703
2021-03-01 22:15:14
cvelist
cvelist
CVE-2021-26703
2021-03-01 21:02:04
nvd
nvd
CVE-2021-26703
2021-03-01 22:15:14
checkpoint_advisories
checkpoint_advisories
XML External Entity Over HTTP Request (CVE-2021-26703)
2021-04-11 00:00:00
prion
prion
Input validation
2021-03-01 22:15:00