XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xr3player_project | xr3player | * |