Vulnerability Details CVE-2019-14276
WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.senseofsecurity.com.au/research/it-security-advisories.php
- https://wiki.xnat.org/documentation/getting-started-with-xnat/what-s-new-in-xnat/xnat-1-7-5-4-1-7-5-6-release-notes
- https://www.senseofsecurity.com.au/advisories/SOS-19-001
- http://www.senseofsecurity.com.au/research/it-security-advisories.php
- https://wiki.xnat.org/documentation/getting-started-with-xnat/what-s-new-in-xnat/xnat-1-7-5-4-1-7-5-6-release-notes
- https://www.senseofsecurity.com.au/advisories/SOS-19-001