CVE-2024-7098

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
References
Link Resource
https://www.usom.gov.tr/bildirim/tr-24-1475 Broken Link Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:sfs:winsure:*:*:*:*:*:*:*:*

History

20 Sep 2024, 17:14

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References () https://www.usom.gov.tr/bildirim/tr-24-1475 - () https://www.usom.gov.tr/bildirim/tr-24-1475 - Broken Link, Third Party Advisory
First Time Sfs
Sfs winsure
Summary
  • (es) La vulnerabilidad de restricción incorrecta de referencia de entidad externa XML en SFS Consulting ww.Winsure permite la inyección XML. Este problema afecta a ww.Winsure: antes de 4.6.2.
CPE cpe:2.3:a:sfs:winsure:*:*:*:*:*:*:*:*

16 Sep 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-16 15:15

Updated : 2024-09-20 17:14


NVD link : CVE-2024-7098

Mitre link : CVE-2024-7098

CVE.ORG link : CVE-2024-7098


JSON object : View

Products Affected

sfs

  • winsure
CWE
CWE-611

Improper Restriction of XML External Entity Reference