CVE-2023-52239
MEDIUM WAF: High
CVSS 6.5
Published: 2024-02-06
CWE-611 CWE-611
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.
WAF Coverage Analysis
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| magicsoftware | magic_xpi_integration_platform | 4.13.4 |
References
- ds-security.com (Exploit, Third Party Advisory)
- www2.magicsoftware.com (Release Notes, Vendor Advisory)