Jabref

jabref

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Jabref

jabref

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-1000652 1Jabref 1Jabref Nov 21, 2024 Aug 20, 2018 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 JabRef version <=4.3.1 contains a XML External Entity (XXE) vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. Thi...Show more JabRef version <=4.3.1 contains a XML External Entity (XXE) vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This vulnerability appears to have been fixed in after commit 89f855d.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2018-1000652

1Jabref

Nov 21, 2024

Aug 20, 2018

N/A· v4

10.0 CRITICAL· v3

7.5 HIGH· v2

JabRef version <=4.3.1 contains a XML External Entity (XXE) vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This vulnerability appears to have been fixed in after commit 89f855d.Show less