ГлавнаяУязвимости → CVE-2024-29010
7.1высокая

CVE-2024-29010

Описание

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions.

CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Источники
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0007https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0007