Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2017-18197

Disclosure Date: February 24, 2018 (last updated October 06, 2023)
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0