opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities
The product uses XML documents and allows their structure to be defined with a Document Type Definition (DTD), but it does not properly control the number of recursive definitions of entities.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Opopensocialplugin | Openpne | 0.9.9.2 | 0.9.9.2 |
Opopensocialplugin | Openpne | 0.9.13 | 0.9.13 |
Opopensocialplugin | Openpne | 1.2.6 | 1.2.6 |
Opopensocialplugin | Openpne | 0.8.2.1 | 0.8.2.1 |