CVE-2024-36827 | ebookmeta up to 1.2.7 XML ebookmeta.get_metadata xml external entity reference (Issue 16)

Inserito da Angelo Barbosa | Giu 7, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in ebookmeta up to 1.2.7. This issue affects the function ebookmeta.get_metadata of the component XML Handler. The manipulation leads to xml external entity reference.

The identification of this vulnerability is CVE-2024-36827. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36827 | ebookmeta up to 1.2.7 XML ebookmeta.get_metadata xml external entity reference (Issue 16)

Post correlati

CVE-2024-29153 | Samsung Exynos Modem 5300 LTE improper authorization

CVE-2024-23790 | OTRS up to 7.0.48/8.0.37/2023.1.1 User Avatar unrestricted upload

CVE-2024-4417 | Falang Multilanguage Plugin up to 1.3.49 on WordPress cross site scripting

CVE-2024-38474 | Apache HTTP Server up to 2.4.59 mod_rewrite encoding error