Xxe

2016-07-1722:59:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.6%

JSON

IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CPENameOperatorVersion
travelereq9.0.1
travelereq9.0
travelereq8.5.3

Name	Operator	Version
traveler	eq	9.0.1
traveler	eq	9.0
traveler	eq	8.5.3

References

www-01.ibm.com/support/docview.wss?uid=swg1LO89357

www-01.ibm.com/support/docview.wss?uid=swg21985858

www.securityfocus.com/bid/91796