2 matches found
CVE-2017-17762
XML external entity XXE vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx...
CVE-2017-17762
CVE-2017-17762: Episerver 7 patch 4 and earlier is vulnerable to an XML External Entity (XXE) issue triggered by processing crafted DTDs in XML requests that involve util/xmlrpc/Handler.ashx, allowing remote attackers to read arbitrary files on the server. Affected component is Episerver 7 series...