CVE-2023-38343

Posted on by admin

CVE-2023-38343

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.

Source: CVE-2023-38343

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다