0.002 Low
EPSS
Percentile
56.5%
CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This is possible because the application is vulnerable to XXE.
candidats.net/
fluidattacks.com/advisories/jcole/