CVE-2023-42346

HIGH7.5EPSS 0.08%

Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host

發布日:2026/5/8修改日:2026/5/14
也稱為:GHSA-pj6p-9p8x-5mfc

描述

Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host.

受影響套件(1)

CVSS 分數

來源版本嚴重程度向量
osvCVSS 3.1HIGH7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

參考連結(3)