3 matches found
CVE-2024-4184 Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4184 Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4184
OpenText Application Automation Tools plugin for Jenkins (versions 24.1.0 and earlier) is affected by CVE-2024-4184 due to improper restriction of XML external entity references, enabling DTD injection when parsing input files. Impact described as high in CVSS metrics; exploitation status is not ...