Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentJpcertVULNRICHMENT:CVE-2023-43624
HistoryOct 23, 2023 - 4:51 a.m.

CVE-2023-43624

2023-10-2304:51:39
jpcert
github.com
cx-designer
xml
vulnerability
disclosure
file system
cve-2023-43624

AI Score

6.5

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed may be disclosed.

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Xxe
2023-10-23 05:15:00
cvelist
cvelist
CVE-2023-43624
2023-10-23 04:51:39
nvd
nvd
CVE-2023-43624
2023-10-23 05:15:07
cve
cve
CVE-2023-43624
2023-10-23 05:15:07

AI Score

6.5

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2023-43624
prion1cvelist1nvd1cve1