High severityNVD Advisory· Published Feb 14, 2023· Updated Mar 20, 2025
CVE-2023-24187
CVE-2023-24187
Description
An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.bstek.ureport:ureport2-coreMaven | <= 2.2.9 | — |
Affected products
2- ureport/ureportdescription
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.