XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references.
References
Link | Resource |
---|---|
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097124 | Vendor Advisory |
Configurations
History
24 May 2022, 15:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hcltech
Hcltech unica |
|
References | (MISC) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097124 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-611 | |
CPE | cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:* |
12 May 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-12 22:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-27777
Mitre link : CVE-2021-27777
CVE.ORG link : CVE-2021-27777
JSON object : View
Products Affected
hcltech
- unica