XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jobscheduler | Sos | 1.6.4043 | 1.6.4043 |
Jobscheduler | Sos | 1.7.4189 | 1.7.4189 |
Jobscheduler | Sos | 1.6.4014 | 1.6.4014 |
Jobscheduler | Sos | 1.7.4177 | 1.7.4177 |
Jobscheduler | Sos | * | 1.6.4131 |