3 matches found
CVE-2022-34001
Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously...
CVE-2022-34001
creationtimestamp| type| source ---|---|--- 2022-07-19 20:40:47+00:00| seen| https://t.me/cibsecurity/46559...
CVE-2022-34001
Unit4 ERP (up to v7.9) is affected by a XXE vulnerability in the ExecuteServerProcessAsynchronously path. The root cause is an XML External Entity injection in that component, enabling potential disclosure of sensitive data via network-exposed input. Public details in connected sources confirm th...