SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access

October 31, 2014 007admin Leave a comment

Posted by SEC Consult Vulnerability Lab on Oct 31

SEC Consult Vulnerability Lab Security Advisory < 20141031-0 >
=======================================================================
title: XML External Entity Injection (XXE) and Reflected XSS
product: Scalix Web Access
vulnerable version: 11.4.6.12377 and 12.2.0.14697
fixed version: –
impact: Critical
homepage: http://www.scalix.com/
found: 2014-08-27…

007 Software

SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access

Leave a Reply Cancel reply

Software and Security Information