CX-Designer Ver.3.740 and previous versions (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed may be disclosed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
omrom cx-designer |