CVE-2020-12642

Published May 4th, 2020

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.

reportportal/reportportal

Main Repository. ReportPortal starts here - see readme below.

GitHub