Description

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

Remediation

References

CVE-2022-25236

Related Vulnerabilities

WordPress Plugin WP E-Signature Remote Code Execution (1.5.6.5)

WordPress Plugin Konnichiwa! Membership Cross-Site Scripting (0.8.3)

e107 Other Vulnerability (CVE-2005-3521)

WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Cross-Site Scripting (2.1.49)

Python Incorrect Authorization Vulnerability (CVE-2020-15801)

Severity

Critical

Classification

CVE-2022-25236 CWE-668 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities