MidnightBSD

Advisories for xml-rpc.net_project

CVE-2022-47514

An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, as demonstrated by a pingback.aspx POST request.

Products Affected

Vendor Product Version
xml-rpc.net_project xml-rpc.net *