Back

CVE-2024-22219

Aug. 15, 2024, 6:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

XML JDBC

  • up to 1.0.4

Terminalfour

  • 8.0.0001 - 8.3.18

Source

cve@mitre.org

Tags

cve@mitre.org
2024-08-15
CVE-2024-22219

CVE-2024-22219 details

Published : Aug. 15, 2024, 6:15 p.m.
Last Modified : Aug. 15, 2024, 6:15 p.m.

Description

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or performing Server-Side Request Forgery (SSRF) attacks.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://docs.terminalfour.com/articles/release-notes-highlights/ cve@mitre.org
https://docs.terminalfour.com/release-notes/security-notices/cve-2024-22218--cve-2024-22219/ cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.