CWE-611
Improper Restriction of XML External Entity Reference
Description
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-221
CVEs mapped to this weakness (684)
page 6 of 35

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1000012 | — | High | 0.57 | 8.8 | 0.01 | | Jan 23, 2018 | Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service… |
| CVE-2018-1000011 | — | High | 0.57 | 8.8 | 0.01 | | Jan 23, 2018 | Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service… |
| CVE-2018-1000010 | — | High | 0.57 | 8.8 | 0.01 | | Jan 23, 2018 | Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
| CVE-2018-1000009 | — | High | 0.57 | 8.8 | 0.01 | | Jan 23, 2018 | Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service… |
| CVE-2018-1000008 | — | High | 0.57 | 8.8 | 0.01 | | Jan 23, 2018 | Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
| CVE-2017-1000496 | | High | 0.57 | 8.8 | 0.02 | | Jan 3, 2018 | Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code. |
| CVE-2014-3600 | | Critical | 0.57 | 9.8 | 0.10 | | Oct 27, 2017 | XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. |
| CVE-2014-3579 | | Critical | 0.57 | 9.8 | 0.05 | | Oct 27, 2017 | XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. |
| CVE-2017-14527 | | High | 0.57 | 8.8 | 0.01 | | Sep 28, 2017 | Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a… |
| CVE-2017-14526 | | High | 0.57 | 8.8 | 0.01 | | Sep 28, 2017 | Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user… |
| CVE-2017-12216 | | High | 0.57 | 8.8 | 0.03 | | Sep 7, 2017 | A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries… |
| CVE-2016-6798 | | Critical | 0.57 | 9.8 | 0.04 | | Jul 19, 2017 | In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to… |
| CVE-2017-1000021 | | High | 0.57 | 8.8 | 0.01 | | Jul 17, 2017 | LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents. |
| CVE-2015-7326 | | Critical | 0.57 | 9.8 | 0.03 | | Jun 7, 2017 | XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3. |
| CVE-2017-8913 | | High | 0.57 | 8.8 | 0.01 | | May 23, 2017 | The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security… |
| CVE-2010-3322 | | High | 0.57 | 8.8 | 0.01 | | Sep 14, 2010 | The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors. |
| CVE-2025-32406 | | High | 0.56 | 8.6 | 0.00 | | Apr 8, 2025 | An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response. |
| CVE-2016-9691 | | High | 0.56 | 8.6 | 0.01 | | May 5, 2017 | IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all… |
| CVE-2016-7051 | | High | 0.56 | 8.6 | 0.02 | | Apr 14, 2017 | XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. |
| CVE-2016-9563 | | Medium | 0.56 | 6.5 | 0.24 | KEV | Nov 23, 2016 | BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. |