4 matches found
CVE-2021-3312
An XML external entity XXE vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document...
CVE-2021-3312
creationtimestamp| type| source ---|---|--- 2021-10-08 18:40:10+00:00| seen| https://t.me/cibsecurity/30245...
CVE-2021-3312
An XML external entity XXE vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document...
CVE-2021-3312
CVE-2021-3312 describes an XML External Entity (XXE) vulnerability in Alkacon OpenCms (11.0, 11.0.1, 11.0.2). The underlying issue allows remote authenticated users with edit privileges to exfiltrate files from the server’s filesystem by uploading a crafted SVG document. The vulnerability is tied...