Vulnerability Details CVE-2023-37497
The Unica application exposes an API which accepts arbitrary XML input. By manipulating the given XML, an authenticated attacker with certain rights can successfully perform XML External Entity attacks (XXE) against the backend service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.7%
CVSS Severity
CVSS v3 Score 8.1
References