← volver
CVE-2012-2239

CVE-2012-2239

EPSS 1.6%
Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.launchpad.net/mahara/+bug/1047111https://mahara.org/interaction/forum/topic.php?id=4869http://www.debian.org/security/2012/dsa-2591