2 matches found
CVE-2014-5398
CVE-2014-5398 affects Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 to 5.5. The issue is an XML External Entity (XXE) vulnerability causing local file disclosure or denial of service due to unsafe XML parsing. Affected versions include Portal 4.0 SP1 through 5.5; root caus...
CVE-2014-5398 Schneider Electric Wonderware Input Validation
Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...