Vulnerability: JSON Sanitization Exception in NATO Communications and Information Agency anet (aka Advisor Network)

CVE-2023-31441 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.

Learn more about our Network Penetration Testing.