3 matches found
Oxygen XML Web Author 安全漏洞
SyncRO Soft Oxygen XML Web Author is an XML editor from SyncRO Soft. A security vulnerability exists in Oxygen XML Web Author version v26.0.0 and earlier, and Oxygen Content Fusion version v6.1 and earlier. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...
CVE-2023-26559
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...
PT-2023-20727 · Syncro Soft · Oxygen Content Fusion +1
Name of the Vulnerable Software and Affected Versions: Oxygen XML Web Author versions prior to 25.0.0.3 build 2023021715 Oxygen Content Fusion versions prior to 5.0.3 build 2023022015 Description: A directory traversal issue allows an attacker to read files from a WEB-INF directory via a crafted...