Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07

KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection

Title: Journyx Unauthenticated XML External Entities Injection
Advisory ID: KL-001-2024-010
Publication Date: 2024.08.07
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt

1. Vulnerability Details

     Affected Vendor: Journyx
     Affected Product: Journyx (jtime)
     Affected Version: 11.5.4
     Platform: GNU/Linux…

Read More