CVE-2024-29010 Information

Description

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection potentially resulting in the disclosure of sensitive information.

This issue affects GMS: 9.3.4 and earlier versions.

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0007