CVE-2018-5758

Severity CVSS v4.0:
Pending analysis
Type:
CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
Publication date:
12/03/2018
Last modified:
17/06/2026

Description

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:aurea:jive-n:9.0.2.1:*:*:*:*:*:*:*