Vulnerability Details CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.0%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-28150
-
cpe:2.3:a:independentsoft:jodf:-