1 results (0.008 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVE-2018-25082 – zwczou WeChat SDK Python to_xml xml external entity reference
https://notcve.org/view.php?id=CVE-2018-25082
A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. • https://github.com/zwczou/weixin-python/commit/e54abadc777715b6dcb545c13214d1dea63df6c9 https://github.com/zwczou/weixin-python/pull/30 https://github.com/zwczou/weixin-python/releases/tag/v0.5.5 https://vuldb.com/?ctiid.223403 https://vuldb.com/?id.223403 • CWE-611: Improper Restriction of XML External Entity Reference •