Unrated severityOSV Advisory· Published Dec 20, 2018· Updated Sep 16, 2024

CVE-2018-1000834

Description

runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Runelite/RuneliteOSV2 versions
runelite-parent-1.0, runelite-parent-1.1.0, runelite-parent-1.1.1, …+ 1 more
- (no CPE)range: runelite-parent-1.0, runelite-parent-1.1.0, runelite-parent-1.1.1, …
- (no CPE)range: <= runelite-parent-1.4.23

Patches

Vulnerability mechanics

References

0dd.zone/2018/10/28/runelite-XXE-MitM/mitrex_refsource_MISC
github.com/runelite/runelite/issues/6160mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000