Vulnerabilities > CVE-2019-19998 - XXE vulnerability in Xiuno Xiunobbs 4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
xiuno
CWE-611
NVD
Published: 2019-12-26
Updated: 2020-01-07

Summary

Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.

Vulnerable Configurations

Part Description Count
Application
Xiuno
1

Common Weakness Enumeration (CWE)

References