An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-04T15:14:14
Updated: 2024-08-04T12:04:22.528Z
Reserved: 2020-05-04T00:00:00
Link: CVE-2020-12642
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-05-04T16:15:12.147
Modified: 2024-11-21T04:59:58.167
Link: CVE-2020-12642
Redhat
No data.