2 matches found
CVE-2020-7572
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial of service, server...
CVE-2020-7572
CVE-2020-7572 affects Schneider Electric EcoStruxure Building Operation WebReports (WebReports) versions 1.9–3.1. The vulnerability is CWE-611: improper restriction of XML external entity references caused by misconfiguration of the XML parser, enabling an authenticated remote user to inject arbi...