CIPPlanner CIPAce 9.1 Build 2019092801 XXE Vulnerability

CIPPlanner CIPAce 9.1 Build 2019092801 XXE Vulnerability

CVE-2020-11586 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data.

Learn more about our Api Penetration Testing.