Critical severity9.8NVD Advisory· Published Jun 5, 2018· Updated Jun 17, 2026
CVE-2018-11586
CVE-2018-11586
Description
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =8.6.7
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/148032/SearchBlox-8.6.7-XML-External-Entity-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- gurelahmet.com/searchblox-8-6-7-out-of-band-xml-external-entity-oob-xxe-cve-2018-11586/nvdExploitThird Party Advisory
- www.exploit-db.com/exploits/44827/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.