CVE-2019-19032
HIGH WAF: High
CVSS 8.1
Published: 2019-12-30
CWE-611
XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is: Arbitrary File Read when an XML File is validated. The component is: XML Validate function. The attack vector is: Specially crafted XML payload.
WAF Coverage Analysis
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| xmlblueprint | xmlblueprint | up to 16.191112 |
References
- packetstormsecurity.com (Exploit, Third Party Advisory, VDB Entry)
- hackpuntes.com (Exploit, Third Party Advisory)