CVE-2023-52239

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 6, 2024

Updated: Feb 13, 2024

CWE ID 611

Summary

CVE-2023-52239 is a vulnerability affecting the XML parser in Magic xpi Integration Platform version 4.13.4. An attacker can exploit this issue through onItemImport functionality, enabling them to conduct XML External Entity (XXE) attacks. Successful exploitation could result in unauthorized access to sensitive data or system crashes. Users are advised to update their Magic xpi Integration Platform to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Magic Software Enterprises

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t95tiq
https://www.cve.org/CVERecord?id=CVE-2023-52239
https://nvd.nist.gov/vuln/detail/CVE-2023-52239

Back to Vulnerability Database

CVE-2023-52239

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations