描述
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure.
AI分析AI驱动
受影响产品
bruhn-newtechcbrn-analysis
参考资料
- https://zigrin.com/advisories/cbrn-analysis-external-xml-entity-injection/Third Party Advisory
- https://zigrin.com/advisories/cbrn-analysis-external-xml-entity-injection/Third Party Advisory