Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Independentsoft JODF 代码问题漏洞
Vulnerability Description
Independentsoft JODF是德国Independentsoft公司的一个适用于 Java 和 Android 的开放文档格式 API。 Independentsoft JODF 1.1.110 之前版本存在安全漏洞,该漏洞源于API 容易通过 DOCX 文件中的远程 DTD 进行 XML 外部实体 (XXE) 注入。
CVSS Information
N/A
Vulnerability Type
N/A