CVE Published: 18/10/2023 |
CVE Updated: 03/12/2024 |
CVE Year: 2023 Source: jpcert |
Vendor: North Grid Corporation |
Product: Proself Enterprise/Standard Edition Status : PUBLISHED
CVE-2023-45727 Description
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data, arbitrary files on the server containing account information may be read by the attacker.