The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager (AEM) Forms on JEE lies in the incorrect restrictions on XML links to external objects. This allows attackers to read arbitrary files.

The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager AEM Forms on JEE is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could...

The vulnerability of the SmartFabric OS10 network operating system, related to incorrect restrictions on XML links to external objects, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SmartFabric OS10 network operating system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the online business analytics service IBM Cognos Analytics, related to incorrect restrictions on XML links to external objects, allows attackers to disclose protected information or exploit memory resources.

The vulnerability of the online business analytics service IBM Cognos Analytics is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information or access memory resources...

The vulnerability of software for integrating old and new technologies from IBM EntireX arises from incorrect restrictions on XML references to external objects, allowing attackers to disclose protected information.

The vulnerability of the software for integrating old and new technologies from IBM EntireX is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the software platform for monitoring and managing IT infrastructure—Operations Bridge Manager (OBM)—is related to incorrect restrictions on XML links to external objects. This allows a malicious actor to gain unauthorized access to confidential information.

The vulnerability of the software platform for monitoring and managing IT infrastructure, Operations Bridge Manager OBM, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server programs lies in the improper limitation of XML references to external objects, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized acces...

The vulnerability of the interactive browser environment for data analysis and visualization in Apache Zeppelin SAP arises from incorrect restrictions on XML links to external objects. This allows attackers to disclose sensitive information or cause service failures.

The vulnerability of the interactive browser environment for data analysis and visualization in Apache Zeppelin SAP is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service...

PT-2024-4514 · Sap · Sap Netweaver As Java

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS Java versions 7.50 Description: The issue is related to the incorrect restriction of XML links to external objects in the Guided Procedures component of SAP NetWeaver AS for Java. This can be exploited by a remote attacker...

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML links to external objects. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

The vulnerability of the OpenCMS content management system lies in the improper limitation of XML links to external objects, which allows attackers to execute arbitrary code by sending a specially crafted POST request.

The vulnerability of the OpenCMS content management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted POST request remotely...

The vulnerability of Siemens OPC UA Modeling Editor (SiOME) relates to incorrect restrictions on XML references to external objects, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Siemens OPC UA Modeling Editor SiOME is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Microsoft .NET Framework software lies in the improper limitation of XML references to external objects, which allows attackers to access confidential information.

The vulnerability of the Microsoft .NET Framework software platform is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

The vulnerability of the “Add UCS Device” function in the OpManager network monitoring software, including OpManager MSP and OpManager Plus, allows a attacker to perform an SSRF attack.

The vulnerability of the “Add UCS Device” function in OpManager’s network monitoring software, including OpManager MSP and OpManager Plus, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack...

The vulnerability of the Fortinet FortiNAC network access control mechanism lies in improper restrictions on XML links to external objects. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Fortinet FortiNAC network access control mechanism is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to perform an SSRF attack.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by loading a specially created XML file...

The vulnerability of the NetAct network management system lies in the improper limitation of XML links to external objects. This allows attackers to gain unauthorized access to protected information or perform SSRF attacks.

The vulnerability of the NetAct network management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or perform an SSRF attack...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to gain unauthorized access to protected information or perform an SSRF attack.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or perform a SSRF attac...