CVE-2024-36827 | ebookmeta up to 1.2.7 XML ebookmeta.get_metadata xml external entity reference (Issue 16)

Posted by Angelo Barbosa | Jun 7, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in ebookmeta up to 1.2.7. This issue affects the function ebookmeta.get_metadata of the component XML Handler. The manipulation leads to xml external entity reference.

The identification of this vulnerability is CVE-2024-36827. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36827 | ebookmeta up to 1.2.7 XML ebookmeta.get_metadata xml external entity reference (Issue 16)

Related Posts

CVE-2024-25675 | MISP up to 2.4.183 Export Generation JobsController.php information disclosure

CVE-2024-34809 | Extend Themes EmpowerWP Plugin up to 1.0.21 on WordPress cross-site request forgery

CVE-2023-37495 | HCL Domino Server 9/10/11/12 User Registration excessive authentication (KB0107585)

CVE-2024-47515 | pagure Temporary Clone generate_archive symlink