Multiple WSO2 products have been identified as vulnerable due to an XML External Entity (XXE) attack abuses a widely available but rarely used feature of XML parsers to access sensitive information.
References
Link | Resource |
---|---|
https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-0716/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WSO2
Published: 2023-12-15T09:26:01.323Z
Updated: 2024-01-09T05:03:32.570Z
Reserved: 2023-12-15T09:25:13.205Z
Link: CVE-2023-6836
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-15T10:15:09.407
Modified: 2023-12-19T13:52:56.807
Link: CVE-2023-6836
JSON object: View
Redhat Information
No data.
CWE