CVE-2017-15683
CVSS v3.1
8.6 (High)
CVSS v2.0
5 (Medium)
EPSS
0.18 % (55th)
Affected Products
1
Advisories
1
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
Weaknesses
- CWE-91
- XML Injection (aka Blind XPath Injection)
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2020-11-27 18:15:11
(3 years ago) - Updated Date
-
2020-11-28 22:47:24
(3 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...