CVE-2018-3881
9.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Summary
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| FocalScope | Focalscope | v2416 | affected |
Weaknesses
- Improper Restriction of XML External Entity Reference
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.