Medium severity4.9NVD Advisory· Published Dec 6, 2022· Updated Jun 17, 2026
CVE-2022-45326
CVE-2022-45326
Description
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.9.5.SP31
Patches
Vulnerability mechanics
References
2- www.navsec.net/2022/11/12/kwoksys-xxe.htmlnvdExploitPatchThird Party Advisory
- www.kwoksys.com/wiki/index.phpnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.