Vulnerability Description
Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- http://fitnesse.org/FitNesseDownload
- https://github.com/unclebob/fitnesse
- https://github.com/unclebob/fitnesse/blob/master/SECURITY.md
- https://jvn.jp/en/jp/JVN94521208/
- http://fitnesse.org/FitNesseDownload
- https://github.com/unclebob/fitnesse
- https://github.com/unclebob/fitnesse/blob/master/SECURITY.md
- https://jvn.jp/en/jp/JVN94521208/
FAQ
What is CVE-2024-28039?
CVE-2024-28039 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cau...
How severe is CVE-2024-28039?
CVE-2024-28039 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-28039?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.