CVE-2024-28039 Information

Description

Improper restriction of XML external entity references vulnerability exists in FitNesse all releases which allows a remote unauthenticated attacker to obtain sensitive information alter data or cause a denial-of-service (DoS) condition.

Reference

https://github.com/unclebob/fitnesse http://fitnesse.org/FitNesseDownload https://github.com/unclebob/fitnesse/blob/master/SECURITY.md https://jvn.jp/en/jp/JVN94521208/