XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.
7.5CVSS
7.4AI Score
0.002EPSS
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.
7.5CVSS
7.4AI Score
0.001EPSS