XML External Entity Blind Injection in BlogEngine.NET 3.3.7.0 and earlier

XML External Entity Blind Injection in BlogEngine.NET 3.3.7.0 and earlier

CVE-2019-10718 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to pingback.axd and BlogEngine.Core/Web/HttpHandlers/PingbackHandler.cs.

Learn more about our Web App Pen Testing.