CVE-2020-19954
Published
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.
An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.
GitHub