Safe Software FME Server v2021.2.5, v2022.0.0.2 and below exists to contain a XML External Entity (XXE) vulnerability which allows authenticated malicious users to perform data exfiltration or Server-Side Request Forgery (SSRF) attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
safe fme server |