Medium severity6.5NVD Advisory· Published Jul 18, 2025· Updated Apr 15, 2026

CVE-2025-52162

Description

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. This vulnerability allows attackers to access sensitive data via providing a crafted XML input.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

agorum.comnvd
herolab.usd.de/security-advisories/usd-2025-0024/nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000