CVE-2024-51132

Sažetak

An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities.

Reference

https://github.com/JAckLosingHeart/CVE-2024-51132-POC
https://github.com/hapifhir/org.hl7.fhir.core

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

05-11-2024 - 17:15

Objavljeno

05-11-2024 - 17:15