Skip to main content

Grassmarlin

1 CVEs product

Monthly

CVE-2026-6807 MEDIUM CISA This Month

XML External Entity (XXE) injection in GRASSMARLIN v3.2.1 allows authenticated local users to extract sensitive information through crafted session data that exploits insufficient XML parser hardening. The vulnerability has a CVSS score of 5.5 with local attack vector and high confidentiality impact, affecting users with login credentials on systems running the affected version.

XXE Grassmarlin
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
EPSS 0% CVSS 5.5
MEDIUM This Month

XML External Entity (XXE) injection in GRASSMARLIN v3.2.1 allows authenticated local users to extract sensitive information through crafted session data that exploits insufficient XML parser hardening. The vulnerability has a CVSS score of 5.5 with local attack vector and high confidentiality impact, affecting users with login credentials on systems running the affected version.

XXE Grassmarlin
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy