Security Advisory

CVE-2022-32458

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-20 02:01:30

Last updated 2024-09-16 18:39:22

Assigner twcert

State PUBLISHED

Description

Digiwin BPM has a XML External Entity Injection (XXE) vulnerability due to insufficient validation for user input. An unauthenticated remote attacker can perform XML injection attack to access arbitrary system files.

← Browse all CVEs View on cve.org ↗