Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Apereo Subscribe
Filtered by product Bw-webdav
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20000 1 Apereo 1 Bw-webdav 2019-01-24 5.0 MEDIUM 7.5 HIGH
Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java.