DTD Vulnerability: Exploiting Administrator Workflow Definition Entitlements for Malicious Operations

DTD Vulnerability: Exploiting Administrator Workflow Definition Entitlements for Malicious Operations

CVE-2018-17186 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution.

Learn more about our Web Application Penetration Testing UK.