Vulnerabilities > Sync
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-14 | CVE-2023-26559 | Path Traversal vulnerability in Sync Oxygen Content Fusion and Oxygen XML web Author A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. | 5.3 |
2020-03-16 | CVE-2019-20191 | XXE vulnerability in Sync Oxygen XML Editor Oxygen XML Editor 21.1.1 allows XXE to read any file. | 7.5 |