CVE-2017-1000497

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile10.74th

PublishedJan 3, 2018

Last ModifiedNov 21, 2024

Vulnerability Description

Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution

Affected Platforms (CPE)

📦

Pepperminty Wiki Project

Pepperminty Wiki

= 0.15

References & Advisories

🔗 https://github.com/sbrl/Pepperminty-Wiki/issues/152

Related Vulnerabilities

CVE-2017-1290510.0

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information ...

CVE-2017-1399510.0

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webser...

CVE-2017-792810.0

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gatewa...

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...