2 matches found
CVE-2022-2131
OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack...
CVE-2022-2131
Summary: CVE-2022-2131 affects OpenKM Community Edition 6.3.10 and earlier, where an XMLReader parser in XMLTextExtractor.java was used without the required security flags, enabling an XML External Entity (XXE) attack. What is affected: OpenKM Community Edition versions up to and including 6.3.10...