11 matches found
Missing XML Validation vulnerability in Apache Struts Dependency in Bamboo Data Center
This High severity Missing XML Validation vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0 and 10.2.0 of Bamboo Data Center. This Missing XML Validation vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N allows an plugin vendor ...
Missing XML Validation
Overview org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language. Affected versions of this package are vulnerable to Missing XML Validation. An attacker can access sensitive information or cause a denial of service by...
EUVD-2019-1113
Malware in sbrugna...
CVE-2019-0340
The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files...
CVE-2020-6238
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
Input validation
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
CVE-2020-6238
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
CVE-2019-0340
The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files...
Input validation
The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files...
CVE-2019-0340
The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files...
CVE-2019-0340
CVE-2019-0340 affects SAP Enable Now; before version 1902 its XML parser is not hardened, enabling Missing XML Validation and local XXE disclosure via file upload at multiple locations. The NVD entry lists CVSSv3 base 5.4 (Medium) with network attack, low privileges, no user interaction. Connecte...