VYPR

CWE-610

Externally Controlled Reference to a Resource in Another Sphere

Abstraction: Class, Status: Draft

Description

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-219

CVEs mapped to this weakness (65)

page 1 of 4
  • CVE-2026-30903 (Critical, Mar 11, 2026)
    risk 0.62 | CVSS 9.6 | EPSS 0.00

    External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.

  • CVE-2026-0522 (High, Apr 1, 2026)
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read arbitrary files from the server by manipulating a file's path during its upload. When the file is subsequently downloaded, the file in the…

  • CVE-2026-34327 (High, May 7, 2026)
    risk 0.53 | CVSS 8.2 | EPSS 0.01

    Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2024-32980 (Critical, May 8, 2024)
    risk 0.52 | CVSS 9.1 | EPSS 0.00

    Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use `self` requests without a specified URL authority can be induced to make requests to arbitrary hosts via…

  • CVE-2026-30905 (High, May 13, 2026)
    risk 0.51 | CVSS 7.8 | EPSS 0.00

    External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access.

  • CVE-2022-46869 (High, Aug 31, 2023)
    risk 0.51 | CVSS 7.8 | EPSS 0.00

    Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2026-47358 (High, May 19, 2026)
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced…

  • CVE-2026-47357 (High, May 19, 2026)
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/scan) when running in server mode. An unauthenticated remote attacker can supply an…

  • CVE-2025-2875 (High, May 14, 2025)
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources.

  • CVE-2026-41107 (High, May 12, 2026)
    risk 0.48 | CVSS 7.4 | EPSS 0.01

    External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-11341 (High, Oct 6, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.00

    A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Performing manipulation results in xml external entity reference. Remote exploitation of the…

  • CVE-2025-11140 (High, Sep 29, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.01

    A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack…

  • CVE-2025-10816 (High, Sep 22, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.01

    A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&style=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may…

  • CVE-2025-10092 (High, Sep 8, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.01

    A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed…

  • CVE-2025-10091 (High, Sep 8, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.01

    A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add of the component XML Handler. The manipulation leads to xml external entity reference. Remote exploitation of the…

  • CVE-2025-48963 (High, Aug 28, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.00

    Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.

  • CVE-2025-7824 (High, Jul 19, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.00

    A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the…

  • CVE-2025-7823 (High, Jul 19, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.00

    A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been…

  • CVE-2025-7523 (High, Jul 13, 2025)
    risk 0.47 | CVSS 7.3 | EPSS 0.01

    A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely.…

  • CVE-2026-45760 (High, May 21, 2026)
    risk 0.46 | CVSS 8.1 | EPSS 0.00

    (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their…