Vulnerabilities > CVE-2018-14383 - XXE vulnerability in Ttpsc the Scheduler 5.1.3

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ttpsc
CWE-611

Summary

The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly configured/parameterized XML parser. It was fixed in the versions 5.2.1 and 3.3.7

Vulnerable Configurations

Part Description Count
Application
Ttpsc
1