CVE-2017-15280

CVE-2017-15280

XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.

Source: CVE-2017-15280

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다