XML External Entity (XXE) Injection Vulnerability in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224

XML External Entity (XXE) Injection Vulnerability in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224

CVE-2019-11677 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection.

Learn more about our External Network Penetration Testing.