Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
History

Fri, 20 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Sfs
Sfs winsure
CPEs cpe:2.3:a:sfs:winsure:*:*:*:*:*:*:*:*
Vendors & Products Sfs
Sfs winsure
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Tue, 17 Sep 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Sfs Consulting
Sfs Consulting wwwinsure
CPEs cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:*
Vendors & Products Sfs Consulting
Sfs Consulting wwwinsure
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Sep 2024 15:00:00 +0000

Type Values Removed Values Added
Description Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
Title XML Injection in SFS Consulting's ww.Winsure
Weaknesses CWE-611
References
Metrics cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:H/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2024-09-16T14:50:42.192Z

Updated: 2024-09-17T10:55:54.015Z

Reserved: 2024-07-25T08:59:09.708Z

Link: CVE-2024-7098

cve-icon Vulnrichment

Updated: 2024-09-16T16:30:14.310Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-16T15:15:17.223

Modified: 2024-09-20T17:14:53.063

Link: CVE-2024-7098

cve-icon Redhat

No data.