CVE-2017-1000496

Description

Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.

CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2017-1000496
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

nvd
CVE ID: CVE-2017-1000496
Base Score: 6.8
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:P/I:P/A:P

Refrence: NVD

Description​

Description