Soumettre #547585: youkefu v4.2.0 xxeinformation

Titreyoukefu v4.2.0 xxe
DescriptionThe YoukeFu system contains an XXE vulnerability that enables file reading, out-of-band (OOB) attacks, SSRF, and other exploits. The system fails to implement any defensive measures for the incoming routercontent parameter and directly parses the XML document passed through this parameter.
La source⚠️ https://github.com/askqiu/cve/blob/main/README.md
Utilisateur
 feverwizard (UID 83575)
Soumission01/04/2025 08:24 (il y a 1 Année)
Modérer03/04/2025 20:56 (3 days later)
StatutAccepté
Entrée VulDB303267 [zhangyanbo2007 youkefu jusqu’à 4.2.0 XML Document CallCenterRouterController.java routercontent XML External Entity]
Points15

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!