High severity7.1NVD Advisory· Published May 1, 2024· Updated Apr 15, 2026
CVE-2024-29010
CVE-2024-29010
Description
The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information.
This issue affects GMS: 9.3.4 and earlier versions.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.