2 matches found
CVE-2021-29620
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity XXE attacks. This allows a user to import a specifically-crafted XML...
CVE-2021-29620
CVE-2021-29620 concerns the Report Portal service-api. Starting with version 3.1.0, an XML parser was not properly configured to prevent XML External Entity (XXE) attacks, allowing a crafted XML import to reference external DTDs and external entities. This can lead to extraction of secrets from t...