CWE-611

Improper Restriction of XML External Entity Reference

Abstraction: Base; Status: Draft

Description

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-221

CVEs mapped to this weakness (684)

page 12 of 35
  • CVE-2017-9231 (High, Jun 16, 2017)
    risk 0.49, CVSS 7.5, EPSS 0.02

    XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors.

  • CVE-2016-10097 (High, Jan 2, 2017)
    risk 0.49, CVSS 7.5, EPSS 0.02

    XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter.

  • CVE-2016-6408 (High, Sep 24, 2016)
    risk 0.49, CVSS 7.5, EPSS 0.01

    Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814.

  • CVE-2016-4216 (High, Jul 13, 2016)
    risk 0.49, CVSS 7.5, EPSS 0.04

    XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2026-47960 (High, Jun 9, 2026)
    risk 0.48, CVSS 7.4, EPSS 0.00

    ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories…

  • CVE-2018-6486 (High, Feb 2, 2018)
    risk 0.48, CVSS 7.3, EPSS 0.01

    XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. This vulnerability could be exploited to allow a XML External Entity (XXE) injection.

  • CVE-2016-5795 (High, Aug 31, 2017)
    risk 0.48, CVSS 7.3, EPSS 0.02

    An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly…

  • CVE-2017-5662 (High, Apr 18, 2017)
    risk 0.48, CVSS 7.3, EPSS 0.04

    In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the…

  • CVE-2017-5661 (High, Apr 18, 2017)
    risk 0.48, CVSS 7.3, EPSS 0.03

    In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user…

  • CVE-2025-11341 (High, Oct 6, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.00

    A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Performing manipulation results in xml external entity reference. Remote exploitation of the…

  • CVE-2025-11140 (High, Sep 29, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.01

    A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack…

  • CVE-2025-10816 (High, Sep 22, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.01

    A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&style=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may…

  • CVE-2025-10092 (High, Sep 8, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.01

    A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed…

  • CVE-2025-10091 (High, Sep 8, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.01

    A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add of the component XML Handler. The manipulation leads to xml external entity reference. Remote exploitation of the…

  • CVE-2025-7824 (High, Jul 19, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.00

    A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the…

  • CVE-2025-7823 (High, Jul 19, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.00

    A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been…

  • CVE-2025-7523 (High, Jul 13, 2025)
    risk 0.47, CVSS 7.3, EPSS 0.01

    A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely.…

  • CVE-2024-52806 (High, Dec 2, 2024)
    risk 0.47, CVSS 8.3, EPSS 0.00

    SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18.

  • CVE-2023-49110 (High, Jun 20, 2024)
    risk 0.47, CVSS 7.2, EPSS 0.01

    When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application (either on-premises or cloud/SaaS solution), the transmitted data consists of a ZIP archive containing several files, some of them in the XML file format. During Kiuwan's server-side…

  • CVE-2018-1000056 (High, Feb 9, 2018)
    risk 0.47, CVSS 8.3, EPSS 0.01

    Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service…