Unrated severityNVD Advisory· Published May 19, 2023· Updated Nov 22, 2024

Weaver e-cology API RequestInfoByXml xml external entity reference

CVE-2023-2806

Description

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

Weaver/E Cologyv5
Range: 9.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Strangenees/e-cology/blob/main/main.mdmitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000