Xxe

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language XML external entity XXE injection via a custom View. The XXE injection causes Splunk Web to embed incorrect documents into an error...

PT-2021-5813

Name of the Vulnerable Software and Affected Versions REXML gem versions prior to 3.2.5 in Ruby versions prior to 2.6.7 REXML gem versions prior to 3.2.5 in Ruby versions 2.7.x prior to 2.7.3 REXML gem versions prior to 3.2.5 in Ruby versions 3.x prior to 3.0.1 Description The issue is related to...