CVE-2023-45727 Information

Description

Proself Enterprise/Standard Edition Ver5.62 and earlier Proself Gateway Edition Ver1.65 and earlier and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data arbitrary files on the server containing account information may be read by the attacker.

Reference

https://www.proself.jp/information/153/ https://jvn.jp/en/jp/JVN95981460/