Vulnerabilities > CVE-2020-15232 - XXE vulnerability in Mapfish Print

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
mapfish
CWE-611

Summary

In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style.