Vulnerabilities in Popular Fonts Allow XXE & Arbitrary Command Attacks
Posted: Fri Dec 20, 2024 4:16 am
The popular fonts used in web development and design can be exploited to launch XML External Entity (XXE) attacks and execute arbitrary commands.
These vulnerabilities, identified as CVE-2023-45139, CVE-2024-25081, and CVE-2024-25082, pose a significant threat, allowing for XML External Entity (XXE) attacks and arbitrary command execution.
https://cybersecuritynews.com/vulnerabi ... arbitrary/
These vulnerabilities, identified as CVE-2023-45139, CVE-2024-25081, and CVE-2024-25082, pose a significant threat, allowing for XML External Entity (XXE) attacks and arbitrary command execution.
https://cybersecuritynews.com/vulnerabi ... arbitrary/