Unrated severityNVD Advisory· Published Jul 15, 2020· Updated Aug 4, 2024
CVE-2020-12684
CVE-2020-12684
Description
XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser.
Affected products
2- i-net/Clear Reportsdescription
- Range: =19.0.287
Patches
Vulnerability mechanics
References
2- www.inetsoftware.de/documentation/clear-reports/release-notes/releasesmitrex_refsource_MISC
- www.inetsoftware.de/documentation/clear-reports/release-notes/releases/changes_20.4mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.