CVE-2024-21796 | Ministry of Defense Electronic Deliverables Creation Support Tool (Construction Edition) XML File xml external entity reference

Inserito da Angelo Barbosa | Gen 24, 2024 | CVE

A vulnerability classified as problematic has been found in Ministry of Defense Electronic Deliverables Creation Support Tool (Construction Edition) and Electronic Deliverables Creation Support Tool up to 1.0.3. This affects an unknown part of the component XML File Handler. The manipulation leads to xml external entity reference.

This vulnerability is uniquely identified as CVE-2024-21796. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21796 | Ministry of Defense Electronic Deliverables Creation Support Tool (Construction Edition) XML File xml external entity reference

Post correlati

CVE-2023-52059 | Gestsup 3.2.46 Description cross site scripting

CVE-2023-6082 | Chartjs Plugin up to 2023.2 on WordPress cross site scripting

CVE-2023-51655 | JetBrains IntelliJ IDEA prior 2023.3.2 Project Configuration unknown vulnerability

CVE-2024-25050 | IBM i/Rational Development Studio for i 7.2/7.3/7.4/7.5 Networking/Compiler Infrastructure uncontrolled search path (XFDB-283242)