MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.
References
Link | Resource |
---|---|
https://github.com/joniles/mpxj/pull/178/commits/c3e457f7a16facfe563eade82b0fa8736a8c96f9 | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2021.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-29T18:31:48
Updated: 2021-01-20T14:42:08
Reserved: 2020-08-29T00:00:00
Link: CVE-2020-25020
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-29T19:15:14.230
Modified: 2022-09-02T15:29:44.797
Link: CVE-2020-25020
JSON object: View
Redhat Information
No data.
CWE