RULE(RULE ID:338303)

Rule General Information
Release Date: 2024-08-13
Rule Name: Weaver Ecology ReceiveCCRequestByXml XXE Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: Weaver Ecology is an enterprise-level digital office platform that provides collaborative work, process management, knowledge sharing and related functions to support internal information flow and the digital transformation of business processes. The ReceiveCCRequestByXml interface of Weaver Ecology has an XML external entity (XXE) injection vulnerability: attackers can introduce external entities when the interface parses XML data. This may lead to sensitive information disclosure, server resource depletion, attacks on remote servers, and even bypassing security measures to access internal systems, posing a serious threat to data security and system integrity.
Impact: An attacker could exploit this vulnerability with unspecified effect.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to obtain the software patch and update the software.