High severity7.5NVD Advisory· Published Nov 3, 2022· Updated Jun 17, 2026
CVE-2022-42745
CVE-2022-42745
Description
CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This is possible because the application is vulnerable to XXE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CandidATS/CandidATSdescription
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/jcole/nvdExploitThird Party Advisory
- candidats.netnvdProduct
News mentions
0No linked articles in our index yet.