e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2023-11-06T01:25:12.005Z
Updated: 2024-09-05T13:57:30.417Z
Reserved: 2023-10-27T00:30:24.289Z
Link: CVE-2023-46802
Vulnrichment
Updated: 2024-08-02T20:53:21.701Z
NVD
Status : Analyzed
Published: 2023-11-06T02:15:07.333
Modified: 2023-11-14T15:30:13.830
Link: CVE-2023-46802
Redhat
No data.