Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2021-37425

Disclosure Date: August 10, 2021 (last updated February 23, 2025)
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-38490

Disclosure Date: August 10, 2021 (last updated February 23, 2025)
Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0