Vulnerability Details CVE-2023-25955
National land numerical information data conversion tool all versions improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.1%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2023-25955
-
cpe:2.3:a:mlit:national_land_numerical_information_data_conversion_tool:-