3 matches found
CVE-2022-45326
An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...
CVE-2022-45326
An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...
CVE-2022-45326
CVE-2022-45326 affects Kwoksys Kwok Information Server — vulnerable component: XML processing (XXE) leading to server-side request forgery (SSRF). Affected: versions before 2.9.5.SP31; root cause is an XML external entity vulnerability. Impact as described: remote authenticated users can trigger ...