XML External Entity (XXE) Vulnerability in Ventrian News-Articles Version NewsArticles.00.09.11

XML External Entity (XXE) Vulnerability in Ventrian News-Articles Version NewsArticles.00.09.11

CVE-2018-1000515 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server..

Learn more about our Web App Pen Testing.