Record truncated, showing 500 of 619 characters. ![]() NOTE: The vendor disputes this issues as not being a vulnerability because ?All attacks that use external entities are blocked (no external DTD ![]() This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks (i.e., SSRF with resultant remote code execution). View Entire Change Record ** DISPUTED ** Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. Please address comments about this page to Third Party Advisory Further, NIST does notĮndorse any commercial products that may be mentioned on Not necessarily endorse the views expressed, or concur with Sites that are more appropriate for your purpose. Inferences should be drawn on account of other sites being May have information that would be of interest to you. ![]() We have provided these links to other web sites because they References to Advisories, Solutions, and Toolsīy selecting these links, you will be leaving NIST webspace.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |