Vulnerability Details CVE-2020-26709
py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2020-26709
-
cpe:2.3:a:py-xml_project:py-xml:1.0