Skip to main content

Shindig

1 CVEs product

Monthly

CVE-2013-4295 Maven MEDIUM POC PATCH THREAT This Month

The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 17.0%.

PHP Apache Information Disclosure XXE Shindig
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
17.0%
EPSS 17% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 17.0%.

PHP Apache Information Disclosure +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy