5 matches found
CVE-2023-24189
An XML External Entity XXE vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile...
CVE-2023-24189
An XML External Entity XXE vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile...
Xxe
An XML External Entity XXE vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile...
CVE-2023-24189
Summary (CVE-2023-24189) : An XML External Entity (XXE) vulnerability in urule v2.1.7 allows remote code execution by uploading a crafted XML file to the API endpoint /urule/common/saveFile. This affects urule’s XML handling and is deemed CRITICAL (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; b...
CVE-2023-24189
An XML External Entity XXE vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile...