Looking for the vulnerability index of Invicti's legacy products?
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344) - Vulnerability Database

OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344)

Description

Apache Chemistry component in OpenCms has an XXE vulnerability. This vulnerability allows an attacker to send crafted requests to a web application for extraction of secrets from the file system, server-side request forgery, or denial-of-service attacks.

Remediation

Upgrade to the latest version of OpenCms

Related Vulnerabilities