RSS   Podatności dla 'MPXJ'   RSS

2020-12-14
 
CVE-2020-35460

CWE-22
 
 
common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.

 
2020-08-29
 
CVE-2020-25020

CWE-611
 
 
MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.

 

Copyright 2024, cxsecurity.com

 

Back to Top