What the vulnerability does
01Description
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.
CVSS base score
CVSS vector
CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:C/UI:R
What the vulnerability does
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.
Key dates
External resources