Security Advisory

CVE-2023-27527

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-10 00:00:00

Last updated 2025-01-28 14:19:39

Assigner jpcert

State PUBLISHED

Description

Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker.

← Browse all CVEs View on cve.org ↗