2 results (0.006 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2023-1288 – ENOVIA Live Collaboration V6R2013xE is affected by an XML External Entity injection (XXE) vulnerability
https://notcve.org/view.php?id=CVE-2023-1288
An XML External Entity injection (XXE) vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server. • https://www.3ds.com/vulnerability/advisories • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVE-2023-1287 – ENOVIA Live Collaboration V6R2013xE is affected by an XSL template injection vulnerability
https://notcve.org/view.php?id=CVE-2023-1287
An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution. • https://www.3ds.com/vulnerability/advisories • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •