XML External Entity (XXE) vulnerability in MARC::File::XML module prior to 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent malicious users to read arbitrary files via a crafted XML file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
galen charlton marc-xml |
||
galen charlton marc-xml 1.0 |