Vigilance.fr - Asterisk Open Source: external XML entity injection via XML_PARSE_NOENT, analyzed on 05/02/2026

An attacker can transmit malicious XML data to Asterisk Open Source, via XML_PARSE_NOENT, in order to read a file, scan sites, or trigger a denial of service.

- Security Vulnerability
Espace publicitaire · 300×250