CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
86.9%
Security researcher Chris Evans reported an error in the method used to parse the default namespace in an E4X document. The error was caused by quote characters in the namespace not being properly escaped. The severity of this issue was determined to be low.