CVE-2020-26708

CVE-2020-26708

EPSS 0.7%

requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/erinxocon/requests-xml/issues/7 https://security.netapp.com/advisory/ntap-20230908-0003/