CVE-2017-15685

Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*

Information

Published : 2020-11-27 10:15

Updated : 2020-11-28 14:53


NVD link : CVE-2017-15685

Mitre link : CVE-2017-15685


JSON object : View

CWE
CWE-91

XML Injection (aka Blind XPath Injection)

Advertisement

dedicated server usa

Products Affected

craftercms

  • crafter_cms