Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. (XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build 2023021715 are also fixed versions.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Syncro Soft Oxygen XML WebHelp 路径遍历漏洞
Vulnerability Description
Syncro Soft Oxygen XML WebHelp是罗马尼亚Syncro Soft公司的用于 DITA 和 DocBook 资源转换为 WebHelp 输出。 Oxygen XML Web Author 25.0.0.3 build 2023021715 之前版本、Oxygen Content Fusion 5.0.3 build 2023022015 之前版本存在安全漏洞,该漏洞源于允许攻击者通过精心设计的 HTTP 请求从 WEB-INF 目录读取文件。
CVSS Information
N/A
Vulnerability Type
N/A