Submit #547585: youkefu v4.2.0 xxeinfo

Titelyoukefu v4.2.0 xxe
BeschreibungThe YoukeFu system contains an XXE vulnerability that enables file reading, out-of-band (OOB) attacks, SSRF, and other exploits. The system fails to implement any defensive measures for the incoming routercontent parameter and directly parses the XML document passed through this parameter.
Quelle⚠️ https://github.com/askqiu/cve/blob/main/README.md
Benutzer
 feverwizard (UID 83575)
Einreichung01.04.2025 08:24 (vor 1 Jahr)
Moderieren03.04.2025 20:56 (3 days later)
StatusAkzeptiert
VulDB Eintrag303267 [zhangyanbo2007 youkefu bis 4.2.0 XML Document CallCenterRouterController.java routercontent XML External Entity]
Punkte15

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!