Security Advisory

CVE-2021-41770

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-07 06:24:36
Last updated 2024-08-04 03:15:29
Assigner Ping Identity
State PUBLISHED

Description

Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.

← Browse all CVEs View on cve.org ↗