The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-21T12:13:26
Updated: 2024-08-03T21:47:33.126Z
Reserved: 2021-03-18T00:00:00
Link: CVE-2021-28684
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-06-21T13:15:08.037
Modified: 2024-11-21T06:00:08.247
Link: CVE-2021-28684
Redhat
No data.