CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Charlesproxy: >> Charles >> 4.2.7 Security Vulnerabilities

CVE-2018-19244

An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.

CVSS Score

8.6

EPSS Score

0.003

Published

2018-11-13

Page 1

Vulnerabilities

Vulnerable Software

Charlesproxy: >> Charles >> 4.2.7 Security Vulnerabilities

Products

Pricing

Contact Us