textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file.
References
Link | Resource |
---|---|
https://github.com/textpattern/textpattern/issues/1141 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-03-13T15:00:00
Updated: 2018-03-13T14:57:01
Reserved: 2018-02-21T00:00:00
Link: CVE-2018-1000090
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-13T15:29:01.440
Modified: 2018-04-13T14:37:29.537
Link: CVE-2018-1000090
JSON object: View
Redhat Information
No data.
CWE