N/A

An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

XML外部实体引用的不恰当限制(XXE)

Lenovo Filez 代码问题漏洞

Lenovo Filez是中国联想（Lenovo）公司的一个企业网盘。 Lenovo Filez存在安全漏洞，该漏洞源于XML解析不当，可能导致任意文件读取。

N/A

N/A