← back
CVE-2024-50848

CVE-2024-50848

CVSS 6.5 MEDIUMEPSS 1.2%CWE-611
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Nov 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 to access sensitive information and execute arbitrary commands via supplying a crafted .tmx file.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/1mhr4b/CVE-2024-50848https://github.com/Wh1teSnak3/CVE-2024-50848https://www.trados.com/product/worldserver/