2 matches found
CVE-2018-3881
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise...
CVE-2018-3881
CVE-2018-3881 affects FocalScope v2416 and earlier: an unauthenticated XML External Entity (XXE) vulnerability that allows a crafted XML payload to cause data disclosure. TALOS details show the vulnerability is triggered via POST to /emm/cros /xlogin.asp with a crafted XML document, demonstrating...