We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing.
Reserved 2024-04-30 | Published 2024-05-15 | Updated 2024-08-01 | Assigner ProgressSoftwareCWE-611 Improper Restriction of XML External Entity Reference
Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative
docs.telerik.com/...dge-base/xxe-vulnerability-cve-2024-4357
Support options