CVE-2018-1000090
Published
CVSS v3
N/A
CVSS v2
7.8
HIGH
Affected
1
PROJECT
Description
textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file.
A flexible, elegant, fast and easy-to-use content management system written in PHP.
GitHub