CVE-2019-10718

CVE-2019-10718

EPSS 2.7%

BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to pingback.axd and BlogEngine.Core/Web/HttpHandlers/PingbackHandler.cs.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/153364/BlogEngine.NET-3.3.6-3.3.7-XML-Injection.html https://www.securitymetrics.com/blog/blogenginenet-xml-external-entity-attacks