CVE-2014-9360

Medium

6.4/10

Summary

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Dec 10, 2014

CVE-2014-9360

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS