Xxe

2018-12-1019:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.7%

JSON

Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).

CPENameOperatorVersion
prizmdoclt13.5

CPE	Name	Operator	Version
	prizmdoc	lt	13.5

References

help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html

medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c