2 matches found
JVN#39596244: Improper restriction of XML external entity references (XXE) in FD Application
FD Application provided by Ministry of Health, Labour and Welfare improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the...
CVE-2023-3113
An unauthenticated XML external entity injection XXE vulnerability exists in LXCA's Common Information Model CIM server that could result in read-only access to specific files...