Threat Encyclopedia

Arbitrary Code Execution, XXE Attacks, Denial of Service, SQL Injection, and CSRF Vulnerabilities for Hyland OnBase

description-logoDescription

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It allows remote attackers to execute arbitrary code, perform XML External Entity (XXE) attacks, trigger denial of service, allows for SQL injections and also Cross-Site Request Forgery (CSRF).

affected-products-logoAffected Products

Hyland OnBase