Out-of-band XXE in PrizmDoc (CVE-2018–15805)
About PrizmDoc: PrizmDoc is a web-based online document viewer and can be embedded into any web page or linked to from any website. The...
SECMASTERS
Search
secmasters
- Dec 1, 2018
- 1 min
SOAP- Based Unauthenticated Out-of-Band XML External Entity (OOB-XXE) in a Help Desk Software
While registering for an application, The assessment team identified wsdl file such as: /services/ApiService?wsdl We have used wsdler...
secmasters
- Sep 15, 2018
- 1 min
Stored Cross Site Scripting in PrizmDoc 13.3 and before (CVE-2018–15546)
While working on a security audit, our researcher has found a security weakness affecting PrizmDoc HTML5 Document Viewer 13.3 and all...