Search
Find a vulnerability
Search criteria
4 vulnerabilities found for ww.Winsure by SFS Consulting
CVE-2024-7104 (GCVE-0-2024-7104)
Vulnerability from nvd – Published: 2024-09-16 14:52 – Updated: 2026-06-03 11:39
VLAI
EPSS
VEX
Title
Remote Code Execution in SFS Consulting's ww.Winsure
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.
This issue affects ww.Winsure: before 4.6.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1475 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SFS Consulting | ww.Winsure |
Affected:
0 , < 4.6.2
(custom)
|
|
| sfs_consulting | wwwinsure |
Affected:
0 , < 4.6.2
(custom)
cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wwwinsure",
"vendor": "sfs_consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T15:28:17.324008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T15:34:22.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ww.Winsure",
"vendor": "SFS Consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Salih \u00d6ZEK"
},
{
"lang": "en",
"type": "sponsor",
"value": "Secure Future Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in SFS Consulting ww.Winsure allows Code Injection.\u003cp\u003eThis issue affects ww.Winsure: before 4.6.2.\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in SFS Consulting ww.Winsure allows Code Injection.\n\nThis issue affects ww.Winsure: before 4.6.2."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T11:39:15.008Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1475"
}
],
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in SFS Consulting\u0027s ww.Winsure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7104",
"datePublished": "2024-09-16T14:52:57.400Z",
"dateReserved": "2024-07-25T11:53:17.734Z",
"dateUpdated": "2026-06-03T11:39:15.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7098 (GCVE-0-2024-7098)
Vulnerability from nvd – Published: 2024-09-16 14:50 – Updated: 2026-06-03 11:46
VLAI
EPSS
VEX
Title
XML Injection in SFS Consulting's ww.Winsure
Summary
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.
This issue affects ww.Winsure: before 4.6.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1475 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SFS Consulting | ww.Winsure |
Affected:
0 , < 4.6.2
(custom)
|
|
| sfs_consulting | wwwinsure |
Affected:
0 , < 4.6.2
(custom)
cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wwwinsure",
"vendor": "sfs_consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T16:28:47.349766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T16:30:21.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ww.Winsure",
"vendor": "SFS Consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kaan ATMACA"
},
{
"lang": "en",
"type": "finder",
"value": "Berk \u0130MRAN"
},
{
"lang": "en",
"type": "sponsor",
"value": "Secure Future Inc."
},
{
"lang": "en",
"type": "finder",
"value": "Salih \u00d6ZEK"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.\u003cp\u003eThis issue affects ww.Winsure: before 4.6.2.\u003c/p\u003e"
}
],
"value": "Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.\n\nThis issue affects ww.Winsure: before 4.6.2."
}
],
"impacts": [
{
"capecId": "CAPEC-250",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-250 XML Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T11:46:18.915Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1475"
}
],
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"title": "XML Injection in SFS Consulting\u0027s ww.Winsure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7098",
"datePublished": "2024-09-16T14:50:42.192Z",
"dateReserved": "2024-07-25T08:59:09.708Z",
"dateUpdated": "2026-06-03T11:46:18.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7104 (GCVE-0-2024-7104)
Vulnerability from cvelistv5 – Published: 2024-09-16 14:52 – Updated: 2026-06-03 11:39
VLAI
EPSS
VEX
Title
Remote Code Execution in SFS Consulting's ww.Winsure
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.
This issue affects ww.Winsure: before 4.6.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1475 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SFS Consulting | ww.Winsure |
Affected:
0 , < 4.6.2
(custom)
|
|
| sfs_consulting | wwwinsure |
Affected:
0 , < 4.6.2
(custom)
cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wwwinsure",
"vendor": "sfs_consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T15:28:17.324008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T15:34:22.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ww.Winsure",
"vendor": "SFS Consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Salih \u00d6ZEK"
},
{
"lang": "en",
"type": "sponsor",
"value": "Secure Future Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in SFS Consulting ww.Winsure allows Code Injection.\u003cp\u003eThis issue affects ww.Winsure: before 4.6.2.\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in SFS Consulting ww.Winsure allows Code Injection.\n\nThis issue affects ww.Winsure: before 4.6.2."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T11:39:15.008Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1475"
}
],
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in SFS Consulting\u0027s ww.Winsure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7104",
"datePublished": "2024-09-16T14:52:57.400Z",
"dateReserved": "2024-07-25T11:53:17.734Z",
"dateUpdated": "2026-06-03T11:39:15.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7098 (GCVE-0-2024-7098)
Vulnerability from cvelistv5 – Published: 2024-09-16 14:50 – Updated: 2026-06-03 11:46
VLAI
EPSS
VEX
Title
XML Injection in SFS Consulting's ww.Winsure
Summary
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.
This issue affects ww.Winsure: before 4.6.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1475 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SFS Consulting | ww.Winsure |
Affected:
0 , < 4.6.2
(custom)
|
|
| sfs_consulting | wwwinsure |
Affected:
0 , < 4.6.2
(custom)
cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sfs_consulting:wwwinsure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wwwinsure",
"vendor": "sfs_consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T16:28:47.349766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T16:30:21.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ww.Winsure",
"vendor": "SFS Consulting",
"versions": [
{
"lessThan": "4.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kaan ATMACA"
},
{
"lang": "en",
"type": "finder",
"value": "Berk \u0130MRAN"
},
{
"lang": "en",
"type": "sponsor",
"value": "Secure Future Inc."
},
{
"lang": "en",
"type": "finder",
"value": "Salih \u00d6ZEK"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.\u003cp\u003eThis issue affects ww.Winsure: before 4.6.2.\u003c/p\u003e"
}
],
"value": "Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.\n\nThis issue affects ww.Winsure: before 4.6.2."
}
],
"impacts": [
{
"capecId": "CAPEC-250",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-250 XML Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T11:46:18.915Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1475"
}
],
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"title": "XML Injection in SFS Consulting\u0027s ww.Winsure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7098",
"datePublished": "2024-09-16T14:50:42.192Z",
"dateReserved": "2024-07-25T08:59:09.708Z",
"dateUpdated": "2026-06-03T11:46:18.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}