7.1
CVE-2026-35000
- EPSS 0.28%
- Published 01.04.2026 18:09:35
- Last modified 21.04.2026 00:15:47
- Source disclosure@vulncheck.com
ChangeDetection.io < 0.54.7 SafeXPath3Parser Bypass Arbitrary File Read
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementation that allows attackers to read arbitrary local files by using unblocked XPath 3.0/3.1 functions such as json-doc() and similar file-access primitives. Attackers can exploit the incomplete blocklist of dangerous XPath functions to access sensitive data from the local filesystem.
Data provided by the National Vulnerability Database (NVD)
Webtechnologies ≫ Changedetection Version < 0.54.7
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.197 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| disclosure@vulncheck.com | 6.5 | 2.8 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| disclosure@vulncheck.com | 7.1 | 0 | 0 | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CWE-184 Incomplete List of Disallowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7
https://github.com/dgtlmoon/changedetection.io/commit/dadc804567a51f803cd6715f7885c11a247915f6
https://www.vulncheck.com/advisories/changedetection-io-safexpath3parser-bypass-arbitrary-file-read