VYPR
Medium severity5.3NVD Advisory· Published Aug 21, 2025· Updated Apr 15, 2026

CVE-2025-47184

CVE-2025-47184

Description

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 before 6.4.0 P20, 7.0.1 P12, and 7.2.0 P08 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Exagrid/EX10llm-create
    Range: <6.4.0 P20 ∧ <7.0.1 P12 ∧ <7.2.0 P08

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.