CVE CyberSecurity Database News - Latest cybersecurity news and CVE details

WSDL

Nov 3, 2022 XXE SOAP WSDL Apache

CVE-2022-40747 IBM InfoSphere Information Server is vulnerable to an XML External Entity Injection attack. An attacker could exploit this to reveal sensitive information or consume memory resources.

Information on possible vectors of attack and fixes can be found here. Information on possible vectors of attack and fixes can be found here. CVE-2018-3092

Sep 9, 2022 WSDL

CVE-2022-39810 An XSS vulnerability was found in WSO2 Enterprise Integrator 6.4.0 with a driver parameter.

It is highly recommended to always validate input and to not use the driver value directly. If you are using the Management Console, a recommended