3 matches found
CVE-2023-24470
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0...
CVE-2023-24470
ArcSight Logger prior to version 7.3.0 is vulnerable to XML External Entity (XXE) injection (CVE-2023-24470). The root cause is XXE in the product’s XML processing, enabling an attacker to potentially access or exfiltrate data via crafted XML. Public advisories confirm fixes in ArcSight Logger 7....
CVE-2023-24470
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0...