Vulnerabilities > CVE-2019-20191 - XXE vulnerability in Sync Oxygen XML Editor

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sync
CWE-611
NVD
Published: 2020-03-16
Updated: 2023-11-07

Summary

Oxygen XML Editor 21.1.1 allows XXE to read any file.

Vulnerable Configurations

Part Description Count
Application
Sync
68

Common Weakness Enumeration (CWE)

References