XML External Entity (XXE) Vulnerability in FD Application Apr. 2022 Edition (Version 9.01) and Earlier

XML External Entity (XXE) Vulnerability in FD Application Apr. 2022 Edition (Version 9.01) and Earlier

CVE-2023-42132 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.

Learn more about our External Network Penetration Testing.