XML External Entity (XXE) Vulnerability in Crafter CMS Crafter Studio 3.0.1

CVE-2017-15685 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.

Learn more about our Cms Pen Testing.