CVE-2023-28150

Description

An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.

Related CPE's

a independentsoft jodf ********

References

https://www.independentsoft.de/jword/index.html

Not Applicable

https://excellium-services.com/cert-xlm-advisory/CVE-2023-28150

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io