CVE-2018-11586

Published: 2018-06-05T21:29Z

Last Modified: 2024-11-21T03:43Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt