CVE-2018-14473
CVE-2018-14473
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →