Unrated severityNVD Advisory· Published Oct 16, 2024· Updated Oct 16, 2024
Multiple XXE sinks in Run LoadRunner script step in OpenText Application Automation Tools
CVE-2024-4189
Description
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.
Affected products
2<=24.1.0+ 1 more
- (no CPE)range: <=24.1.0
- (no CPE)range: 24.1.0 and below
Patches
Vulnerability mechanics
References
1News mentions
1- Jenkins Security Advisory 2024-05-24Jenkins Security Advisories · May 24, 2024