CVE-2015-3160
06.09.2017, 21:29
XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker before 20.1 allows remote authenticated users to obtain sensitive information via submitting job XML to the server containing entity references which reference files from the Beaker server's file system.Enginsight
| Vendor | Product | Version |
|---|---|---|
| beaker-project | beaker | 𝑥 ≤ 20.0 |
𝑥
= Vulnerable software versions
References