Vulnerabilities > CVE-2019-19998 - XXE vulnerability in Xiuno Xiunobbs 4.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
xiuno
CWE-611

Summary

Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.

Vulnerable Configurations

Part Description Count
Application
Xiuno
1