2 matches found
CVE-2021-46827
CVE-2021-46827 affects Oxygen XML WebHelp prior to 22.1 build 2021082006 and 23.x prior to 23.1 build 2021090310. The issue is an XSS in the search terms proposals feature of online documentation generated by WebHelp, enabling JavaScript execution when a user types crafted text into the WebHelp o...
CVE-2019-20191
Oxygen XML Editor 21.1.1 is affected by an XML External Entity (XXE) vulnerability that can be leveraged to read arbitrary files. The CVE entry CVE-2019-20191 is corroborated by multiple sources (NVD, CNVD, CVE list), describing an XXE issue with partial confidentiality impact. No remediation det...