MidnightBSD

Advisories for netbeans-mmd-plugin_project

CVE-2018-1000542 MEDIUM

netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
netbeans-mmd-plugin_project netbeans-mmd-plugin 1.4.3