XXE Vulnerability in Pepperminty-Wiki v0.15: Denial of Service and Remote Code Execution
CVE-2017-1000497 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
Learn more about our Web Application Penetration Testing UK.