CWE-611
Improper Restriction of XML External Entity Reference
Description
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-221
CVEs mapped to this weakness (684)
page 16 of 35| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-0194 | Med | 0.42 | 6.5 | 0.01 | Aug 2, 2017 | XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data. | ||
| CVE-2017-11457 | Med | 0.42 | 6.5 | 0.01 | Jul 25, 2017 | XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249. | ||
| CVE-2017-1219 | Med | 0.42 | 6.5 | 0.02 | Jul 19, 2017 | IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 123859. | ||
| CVE-2016-0254 | Med | 0.42 | 6.5 | 0.02 | Jun 7, 2017 | IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker could exploit this vulnerability to consume all available CPU resources and cause… | ||
| CVE-2017-2308 | Med | 0.42 | 6.5 | 0.01 | May 30, 2017 | An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to 16.1R1 may allow an authenticated user to read arbitrary files on the device. | ||
| CVE-2017-9295 | Med | 0.42 | 6.5 | 0.01 | May 29, 2017 | XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. | ||
| CVE-2016-10149 | Hig | 0.42 | 7.5 | 0.04 | Mar 24, 2017 | XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. | ||
| CVE-2016-4931 | Med | 0.42 | 6.5 | 0.01 | Mar 20, 2017 | XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. | ||
| CVE-2017-3811 | Med | 0.42 | 6.5 | 0.01 | Mar 17, 2017 | An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases:… | ||
| CVE-2016-3027 | Med | 0.42 | 6.5 | 0.01 | Feb 1, 2017 | IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory… | ||
| CVE-2015-7743 | Med | 0.42 | 6.5 | 0.01 | Jan 23, 2017 | XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file. | ||
| CVE-2012-3489 | Med | 0.42 | 6.5 | 0.03 | Oct 3, 2012 | The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file… | ||
| CVE-2026-4980 | Med | 0.41 | 6.3 | 0.00 | Mar 27, 2026 | A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags. | ||
| CVE-2026-2536 | Med | 0.41 | 6.3 | 0.00 | Feb 16, 2026 | A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done of the file src/main/java/bp/wf/httphandler/WF_Admin_AttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The… | ||
| CVE-2026-2074 | Med | 0.41 | 6.3 | 0.00 | Feb 7, 2026 | A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /x_program_center/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack… | ||
| CVE-2026-1218 | Med | 0.41 | 6.3 | 0.00 | Jan 20, 2026 | A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted is the function initRCForm of the file RichClientService.class of the component com.artery.richclient.RichClientService. Performing a manipulation results in xml external entity reference. The attack is… | ||
| CVE-2025-13209 | — | Med | 0.41 | 6.3 | 0.00 | Nov 15, 2025 | A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml… | |
| CVE-2025-11035 | Med | 0.41 | 6.3 | 0.00 | Sep 26, 2025 | A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1. This manipulation causes xml external entity reference. The attack can be initiated remotely. The exploit… | ||
| CVE-2025-5877 | Med | 0.41 | 6.3 | 0.00 | Jun 9, 2025 | A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation… | ||
| CVE-2025-2365 | Med | 0.41 | 6.3 | 0.00 | Mar 17, 2025 | A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4. Affected by this issue is the function webHook of the file WeChatMessageController.java. The manipulation leads to xml external entity reference. The attack may be launched remotely.… |
- risk 0.42cvss 6.5epss 0.01
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.
- risk 0.42cvss 6.5epss 0.01
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.
- risk 0.42cvss 6.5epss 0.02
IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 123859.
- risk 0.42cvss 6.5epss 0.02
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker could exploit this vulnerability to consume all available CPU resources and cause…
- risk 0.42cvss 6.5epss 0.01
An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to 16.1R1 may allow an authenticated user to read arbitrary files on the device.
- risk 0.42cvss 6.5epss 0.01
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files.
- risk 0.42cvss 7.5epss 0.04
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
- risk 0.42cvss 6.5epss 0.01
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
- risk 0.42cvss 6.5epss 0.01
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases:…
- risk 0.42cvss 6.5epss 0.01
IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory…
- risk 0.42cvss 6.5epss 0.01
XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file.
- risk 0.42cvss 6.5epss 0.03
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file…
- risk 0.41cvss 6.3epss 0.00
A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags.
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done of the file src/main/java/bp/wf/httphandler/WF_Admin_AttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /x_program_center/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted is the function initRCForm of the file RichClientService.class of the component com.artery.richclient.RichClientService. Performing a manipulation results in xml external entity reference. The attack is…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1. This manipulation causes xml external entity reference. The attack can be initiated remotely. The exploit…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4. Affected by this issue is the function webHook of the file WeChatMessageController.java. The manipulation leads to xml external entity reference. The attack may be launched remotely.…