secmastersDec 1, 20182 minOut-of-band XXE in PrizmDoc (CVE-2018–15805)About PrizmDoc: PrizmDoc is a web-based online document viewer and can be embedded into any web page or linked to from any website. The...
secmastersDec 1, 20181 minSOAP- Based Unauthenticated Out-of-Band XML External Entity (OOB-XXE) in a Help Desk SoftwareWhile registering for an application, The assessment team identified wsdl file such as: /services/ApiService?wsdl We have used wsdler...
secmastersSep 15, 20181 minStored Cross Site Scripting in PrizmDoc 13.3 and before (CVE-2018–15546)While working on a security audit, our researcher has found a security weakness affecting PrizmDoc HTML5 Document Viewer 13.3 and all...