High severity7.5OSV Advisory· Published Oct 29, 2018· Updated Jun 17, 2026
CVE-2018-18737
CVE-2018-18737
Description
An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexml_load_string. This can also be used for SSRF.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/AvaterXXX/douchat/blob/master/xxe.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.