CVE-2023-45612
8.6HIGH
Summary
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Affected Version(s)
Ktor < 2.3.5
CVSS V3.1
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: 9.8 to: 8.6 - (HIGH)
Vulnerability Reserved.
Vulnerability published.
Collectors
NVD DatabaseMitre Database