VYPR
High severity7.7NVD Advisory· Published Sep 15, 2021· Updated Jun 17, 2026

CVE-2021-30137

CVE-2021-30137

Description

Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarshalling. The application allows users to send JSON or XML data to the server. It was possible to inject malicious XML data through several access points.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Assyst/Assystdescription
  • Assyst/Assystllm-create
    Range: 10 SP7.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.