CVE-2020-25215

CVE-2020-25215

EPSS 1.2%

yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.yworks.com/products/yed/download https://zigrin.com/advisories/yworks-yed-graph-editor-xml-external-entity-injection/