Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nablarch_project | nablarch | 5u1 |
| nablarch_project | nablarch | 5u13 |
| nablarch_project | nablarch | 5 |
An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-327,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nablarch_project | nablarch | 5u1 |
| nablarch_project | nablarch | 5u13 |
| nablarch_project | nablarch | 5 |