2 matches found
CVE-2023-2161
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user...
CVE-2023-2161
Affected software : Schneider Electric OPC Factory Server. Vulnerability : XML External Entity (XXE) injection due to improper restriction of XML external entities (CWE-611). Root cause : improper handling/restriction of external entity references when parsing configuration files. Impact : could ...