What the vulnerability does

01Description

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

Key dates

02Disclosure timeline

October 30, 2019 CVE published
August 5, 2024 Record updated