7 matches found
CVE-2023-37233
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks...
CVE-2023-37231
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password...
CVE-2023-37226
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...
CVE-2023-37233
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks...
CVE-2023-37231
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password...
CVE-2023-37226
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...
CVE-2023-37233
CVE-2023-37233 affects Loftware Spectrum prior to version 4.6 HF14. The issue is an authenticated XML External Entity (XXE) vulnerability in the product’s XML processing, leading to potential high-impact exposure per CVSS (Confidentiality, Integrity, Availability: HIGH). Connected documents confi...