Vulnerabilities > CVE-2019-19032 - XXE vulnerability in Xmlblueprint

047910
CVSS 5.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
xmlblueprint
CWE-611
exploit available

Summary

XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is: Arbitrary File Read when an XML File is validated. The component is: XML Validate function. The attack vector is: Specially crafted XML payload.

Exploit-Db

idEDB-ID:47974
last seen2020-01-29
modified2020-01-29
published2020-01-29
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47974
titleXMLBlueprint 16.191112 - XML External Entity Injection

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/156139/xmlblueprint16-xml.txt
idPACKETSTORM:156139
last seen2020-01-30
published2020-01-29
reporterJavier Olmedo
sourcehttps://packetstormsecurity.com/files/156139/XMLBlueprint-16.191112-XML-Injection.html
titleXMLBlueprint 16.191112 XML Injection