CVE-2024-8602 | Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows PDF DocumentBuilder xml external entity reference

Inserito da Angelo Barbosa | Ott 14, 2024 | CVE

A vulnerability classified as problematic has been found in Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows. Affected is the function DocumentBuilder of the component PDF Handler. The manipulation leads to xml external entity reference.

This vulnerability is traded as CVE-2024-8602. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8602 | Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows PDF DocumentBuilder xml external entity reference

Post correlati

CVE-2023-6985 | 10Web AI Assistant Plugin up to 1.0.18 on WordPress Plugin Installation authorization

CVE-2024-2117 | Elementor Website Builder Plugin up to 3.20.2 on WordPress Path Widget cross site scripting

CVE-2024-44682 | ShopXO 6.2 POST Parameter cross site scripting

AMI AptioV BIOS input validation