
XXE processing #3713

Closed
AndreiMaz opened this issue Apr 24, 2019 · 2 comments
Comments

@AndreiMaz (Member)

I believe I have found a zero day which allows an attacker to read files of the server by uploading an XML file in the following:

Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file to perform XXE attack and read files of the server.

I used Burp Collaborator to read the files and their content, since it is a blind XXE.

Source: https://www.nopcommerce.com/boards/t/62390/xxe-version-390.aspx
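The defensive side of a report like this in a .NET importer, as an added example that is not nopCommerce code and not the fix in e2bba46: the XmlReaderSettings below disable DTD processing and external resolution, so an uploaded resource file containing any DOCTYPE is rejected before the parser could resolve an entity. The element names (Language, LocaleResource, Value) and the sample files are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Xml;
using System.Xml.Linq;

// Added example, not nopCommerce code: parse an uploaded language-resource file
// with DTD processing disabled. XXE requires the parser to process a DOCTYPE and
// resolve the entities it declares; with these settings neither happens.
public static class SafeResourceImport
{
    private static readonly XmlReaderSettings Hardened = new XmlReaderSettings
    {
        DtdProcessing = DtdProcessing.Prohibit, // any <!DOCTYPE ...> throws XmlException
        XmlResolver = null                      // never fetch external DTDs or entities
    };

    // Assumed format: <Language><LocaleResource Name="..."><Value>..</Value></LocaleResource></Language>
    public static List<KeyValuePair<string, string>> Parse(Stream xml)
    {
        using (var reader = XmlReader.Create(xml, Hardened))
        {
            var doc = XDocument.Load(reader); // fails on a DOCTYPE before any entity is touched
            return doc.Root.Elements("LocaleResource")
                .Select(e => new KeyValuePair<string, string>(
                    (string)e.Attribute("Name"), (string)e.Element("Value")))
                .ToList();
        }
    }

    private static Stream AsStream(string s) => new MemoryStream(Encoding.UTF8.GetBytes(s));

    public static void Main()
    {
        // Constructed sample resource file, and the same file with a DOCTYPE prepended.
        // Entity declarations are what an XXE payload is built from; the hardened reader
        // rejects the DTD as a whole, so what it declares never matters.
        const string benign = "<Language Name=\"English\"><LocaleResource Name=\"Admin.Title\">"
                            + "<Value>Administration</Value></LocaleResource></Language>";
        const string withDtd = "<!DOCTYPE Language [<!ENTITY placeholder \"x\">]>" + benign;
        foreach (var kv in Parse(AsStream(benign)))
            Console.WriteLine($"{kv.Key} = {kv.Value}");

        try { Parse(AsStream(withDtd)); Console.WriteLine("unexpected: DTD accepted"); }
        catch (XmlException ex) { Console.WriteLine("rejected: " + ex.Message); }
    }
}
```

Prohibit is stricter than the minimum needed, but it removes the whole attack surface: a parser that never processes a DTD has nothing to resolve, whether the entity points at a local file or at an out-of-band host.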

@AndreiMaz AndreiMaz added the bug label Apr 24, 2019
@AndreiMaz AndreiMaz added this to the Version 4.20 milestone Apr 24, 2019
@AndreiMaz AndreiMaz self-assigned this Apr 24, 2019
@AndreiMaz (Member, Author)

Fixed with e2bba46

@ghost commented Jun 7, 2019

Thank you for fixing this so fast; some vendors don't care at all, but you guys did a great job. (My CVE was accepted.)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11519
https://nvd.nist.gov/vuln/detail/CVE-2019-11519
