VYPR

CWE-611

Improper Restriction of XML External Entity Reference

BaseDraft

Description

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-221

CVEs mapped to this weakness (684)

page 3 of 35
  • CVE-2017-10670CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.01

    An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET), exploitable by sending a crafted standard-conforming OSCI message from within the infrastructure.

  • CVE-2017-7503CriMay 18, 2017
    risk 0.64cvss 9.8epss 0.02

    It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.

  • CVE-2015-7273CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.

  • CVE-2016-9924CriMar 29, 2017
    risk 0.64cvss 9.8epss 0.03

    Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.

  • CVE-2017-6895CriMar 23, 2017
    risk 0.64cvss 9.8epss 0.03

    USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.

  • CVE-2016-8348CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.04

    An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior. An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents…

  • CVE-2016-4264HigSep 1, 2016
    risk 0.64cvss 8.6epss 0.69

    The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via a crafted OOXML spreadsheet containing an external entity declaration in conjunction…

  • CVE-2016-3720CriJun 10, 2016
    risk 0.64cvss 9.8epss 0.03

    XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.

  • CVE-2018-1000639CriAug 20, 2018
    risk 0.63cvss 9.6epss 0.02

    LatexDraw version <=4.0 contains a XML External Entity (XXE) vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file.

  • CVE-2015-8866CriMay 22, 2016
    risk 0.63cvss 9.6epss 0.04

    ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE)…

  • CVE-2016-3974CriApr 7, 2016
    risk 0.63cvss 9.1epss 0.15

    XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to…

  • CVE-2018-8420HigSep 13, 2018
    risk 0.61cvss 8.8epss 0.49

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,…

  • CVE-2016-8526HigAug 6, 2018
    risk 0.61cvss 8.8epss 0.10

    Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can…

  • CVE-2018-3881CriAug 1, 2018
    risk 0.61cvss 9.4epss 0.01

    An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise.

  • CVE-2024-10218CriNov 12, 2024
    risk 0.60cvss epss 0.00

    XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in TIBCO Software Inc TIBCO Hawk and TIBCO Operational Intelligence

  • CVE-2017-1000190CriNov 17, 2017
    risk 0.60cvss 9.1epss 0.05

    SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.

  • CVE-2015-1832CriOct 3, 2016
    risk 0.60cvss 9.1epss 0.12

    XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving…

  • CVE-2026-40682CriMay 4, 2026
    risk 0.59cvss 9.1epss 0.01

    XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling…

  • CVE-2025-14543CriApr 30, 2026
    risk 0.59cvss 9.1epss 0.00

    Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0…

  • CVE-2026-4374CriApr 1, 2026
    risk 0.59cvss 9.1epss 0.00

    Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...