SEC Consult SA-20201117-0 :: Blind Out-Of-Band XML External Entity Injection in Avaya Web License Manager
Posted by SEC Consult Vulnerability Lab on Nov 17
SEC Consult Vulnerability Lab Security Advisory < 20201117-0 >
=======================================================================
title: Blind Out-Of-Band XML External Entity Injection (Authenticated)
product: Avaya Web License Manager
vulnerable version: 6.x, 7.0 through 7.1.3.6, 8.0 through 8.1.2.0.0
fixed version: 7.1.3.7 and 8.1.3
CVE number: CVE-2020-7032
impact: medium (6.5)…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.