CVE-2020-35604
CRITICAL WAF: High
CVSS 9.8
Published: 2020-12-21
CWE-611
An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used.
WAF Coverage Analysis
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| kronos | web_time_and_attendance | 5.0.4 |
References
- www.mindpointgroup.com (Exploit, Third Party Advisory)