2 matches found
CVE-2022-42745
CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This is possible because the application is vulnerable to XXE...
CVE-2022-42745
CVE-2022-42745 affects CandidATS 3.0.0. The connected documents state that an external attacker can read arbitrary files from the server due to XXE vulnerability in the application. The Red Hat/Other sources corroborate the same description. There is no explicit exploit code or active exploitatio...