CVE-2023-45727 - North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability
Project:North Grid
Product:Proself
Date Added:2024-12-03Due Date:2024-12-24
Vulnerability Name
North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability
Description
North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity (XXE) reference vulnerability, which could allow a remote, unauthenticated attacker to conduct an XXE attack.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.proself.jp/information/153/
https://nvd.nist.gov/vuln/detail/CVE-2023-45727
Related News Articles
CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanelDecember 5, 2024