CVE-2024-28039

Summary

Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
unclebobFitNesseall releasesaffected

Weaknesses

  • XML external entities (XXE)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References