XML External Entity (XXE) Vulnerability in XML Parser for REST Server
CVE-2018-1000823 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
Learn more about our Cis Benchmark Audit For Server Software.