Vulnerabilities > CVE-2022-45326 - XXE vulnerability in Kwoksys Information Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |