Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-0840 | Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. |
![]() |
GHSA-5hr6-vc97-qxxh | XML Injection in Crafter CMS Crafter Studio 3.0.1 |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T19:57:27.526Z
Reserved: 2017-10-20T00:00:00
Link: CVE-2017-15685

No data.

Status : Modified
Published: 2020-11-27T18:15:11.267
Modified: 2024-11-21T03:15:00.350
Link: CVE-2017-15685

No data.

No data.