VYPR

CWE-611

Improper Restriction of XML External Entity Reference

Abstraction: Base; Status: Draft

Description

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-221

CVEs mapped to this weakness (684)

page 6 of 35
  • CVE-2018-1000012 (High) Jan 23, 2018
    risk 0.57, CVSS 8.8, EPSS 0.01

    Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service…

  • CVE-2018-1000011 (High) Jan 23, 2018
    risk 0.57, CVSS 8.8, EPSS 0.01

    Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service…

  • CVE-2018-1000010 (High) Jan 23, 2018
    risk 0.57, CVSS 8.8, EPSS 0.01

    Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.

  • CVE-2018-1000009 (High) Jan 23, 2018
    risk 0.57, CVSS 8.8, EPSS 0.01

    Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service…

  • CVE-2018-1000008 (High) Jan 23, 2018
    risk 0.57, CVSS 8.8, EPSS 0.01

    Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.

  • CVE-2017-1000496 (High) Jan 3, 2018
    risk 0.57, CVSS 8.8, EPSS 0.02

    Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.

  • CVE-2014-3600 (Critical) Oct 27, 2017
    risk 0.57, CVSS 9.8, EPSS 0.10

    XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

  • CVE-2014-3579 (Critical) Oct 27, 2017
    risk 0.57, CVSS 9.8, EPSS 0.05

    XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

  • CVE-2017-14527 (High) Sep 28, 2017
    risk 0.57, CVSS 8.8, EPSS 0.01

    Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a…

  • CVE-2017-14526 (High) Sep 28, 2017
    risk 0.57, CVSS 8.8, EPSS 0.01

    Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user…

  • CVE-2017-12216 (High) Sep 7, 2017
    risk 0.57, CVSS 8.8, EPSS 0.03

    A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries…

  • CVE-2016-6798 (Critical) Jul 19, 2017
    risk 0.57, CVSS 9.8, EPSS 0.04

    In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to…

  • CVE-2017-1000021 (High) Jul 17, 2017
    risk 0.57, CVSS 8.8, EPSS 0.01

    LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents.

  • CVE-2015-7326 (Critical) Jun 7, 2017
    risk 0.57, CVSS 9.8, EPSS 0.03

    XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3.

  • CVE-2017-8913 (High) May 23, 2017
    risk 0.57, CVSS 8.8, EPSS 0.01

    The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security…

  • CVE-2010-3322 (High) Sep 14, 2010
    risk 0.57, CVSS 8.8, EPSS 0.01

    The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.

  • CVE-2025-32406 (High) Apr 8, 2025
    risk 0.56, CVSS 8.6, EPSS 0.00

    An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers to fetch and parse the XML response.

  • CVE-2016-9691 (High) May 5, 2017
    risk 0.56, CVSS 8.6, EPSS 0.01

    IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all…

  • CVE-2016-7051 (High) Apr 14, 2017
    risk 0.56, CVSS 8.6, EPSS 0.02

    XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.

  • CVE-2016-9563 (Medium; listed in CISA KEV) Nov 23, 2016
    risk 0.56, CVSS 6.5, EPSS 0.24

    BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.