XXE Vulnerability in Commsy Version 9.0.0: Denial of Service and Remote Code Execution

XXE Vulnerability in Commsy Version 9.0.0: Denial of Service and Remote Code Execution

CVE-2017-1000496 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.

Learn more about our Web Application Penetration Testing UK.