CVE-2022-34269 | RWS WorldServer up to 11.7.2 Apache Axis Service ws-legacy/load_dtd system_id server-side request forgery

Posted by Angelo Barbosa | Dec 25, 2023 | CVE

A vulnerability was found in RWS WorldServer up to 11.7.2. It has been declared as critical. This vulnerability affects unknown code of the file ws-legacy/load_dtd of the component Apache Axis Service. The manipulation of the argument system_id leads to server-side request forgery.

This vulnerability was named CVE-2022-34269. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2022-34269 | RWS WorldServer up to 11.7.2 Apache Axis Service ws-legacy/load_dtd system_id server-side request forgery

Related Posts

CVE-2024-9346 | Embed Videos and Respect Privacy Plugin up to 1.2 on WordPress cross site scripting

CVE-2024-0800 | Arcserve Unified Data Protection up to 8.1/9.2 ImportNodeServlet unrestricted upload

CVE-2024-4280 | White Label CMS Plugin up to 2.7.3 on WordPress Setting authorization

CVE-2024-41518 | Feripro up to 2.2.3 XLSX File statistics access control