RSS   Vulnerabilities for 'Nopcommerce'   RSS

2019-04-25
 
CVE-2019-11519

CWE-611
 

 
Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.

 


Copyright 2019, cxsecurity.com

 

Back to Top