clemfavre

1 exploit Active since Oct 2023
CVE-2023-45612 NOMISEC HIGH WRITEUP
JetBrains Ktor < 2.3.5 - XML External Entity Injection via Default ContentNegotiation
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
CVSS 8.6