Vulnerability Description
PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file (e.g., in an IFRAME element), PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Princexml | Princexml | <= 10.0 |
Related Weaknesses (CWE)
References
- https://hacking.us.com/blog/XSS-to-XXE-in-Prince/ExploitThird Party Advisory
- https://www.lynxsecurity.io/Third Party Advisory
- https://www.youtube.com/watch?v=-7YIzYtWhzMExploitThird Party Advisory
- https://hacking.us.com/blog/XSS-to-XXE-in-Prince/ExploitThird Party Advisory
- https://www.lynxsecurity.io/Third Party Advisory
- https://www.youtube.com/watch?v=-7YIzYtWhzMExploitThird Party Advisory
FAQ
What is CVE-2018-19858?
CVE-2018-19858 is a vulnerability with a CVSS score of 8.6 (HIGH). PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file (e.g., in an IFRAME element), PrinceX...
How severe is CVE-2018-19858?
CVE-2018-19858 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-19858?
Check the references section above for vendor advisories and patch information. Affected products include: Princexml Princexml.