Medium severity5.3NVD Advisory· Published Mar 24, 2023· Updated Jun 17, 2026
CVE-2023-28152
CVE-2023-28152
Description
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Independentsoft/JWorddescription
- Range: <1.1.110
Patches
Vulnerability mechanics
References
3- excellium-services.com/cert-xlm-advisory/CVE-2023-28152nvdThird Party Advisory
- www.independentsoft.de/jword/index.htmlnvdProduct
- cds.thalesgroup.com/en/tcs-cert/CVE-2023-28152nvd
News mentions
0No linked articles in our index yet.