VYPR
Unrated severityNVD Advisory· Published Oct 16, 2024· Updated Oct 16, 2024

Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools

CVE-2024-4184

Description

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

1