XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
{
"source": "CPE_RANGE",
"cpe": "cpe:2.3:a:xr3player_project:xr3player:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "3.124"
}
]
}