Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

CVEs (1,244)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-17152 1Intersystems 1Cache Nov 21, 2024 Jul 11, 2019 N/A· v4 6.4 MEDIUM· v3 5.5 MEDIUM· v2 Intersystems Cache 2017.2.2.865.0 allows XXE.
CVE-2019-12924 1Mailenable 1Mailenable Nov 21, 2024 Jul 8, 2019 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection (XXE) attacks that could be exploited by an unauthenticated user. It was possible for an attacker to use a vulnerability in the configur...Show more MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection (XXE) attacks that could be exploited by an unauthenticated user. It was possible for an attacker to use a vulnerability in the configuration of the XML processor to read any file on the host system. Because all credentials were stored in a cleartext file, it was possible to steal all users' credentials (including the highest privileged users).Show less
CVE-2019-13358 1Opencats 1Opencats Nov 21, 2024 Jul 5, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. The attacker must upload a file in the docx or odt format.
CVE-2015-3907 1Codeigniter Restserver Project 1Codeigniter Restserver Nov 21, 2024 Jul 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE attacks.
CVE-2019-13031 2Debian Lemonldap Ng 2Debian Linux Lemonldap\ Nov 21, 2024 Jun 28, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.
CVE-2019-9843 1Diffplug 2Gradle Maven Nov 21, 2024 Jun 28, 2019 N/A· v4 7.5 HIGH· v3 5.1 MEDIUM· v2 In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities sett...Show more In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities setting. For example, this allows disclosure of file contents to a MITM attacker if a victim performs a spotlessApply operation on an untrusted XML file.Show less
CVE-2018-20843 7Canonical DebianFedoraproject+4 more 9Debian Linux FedoraHospitality Res 3700+6 more May 30, 2025 Jun 24, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for de...Show more In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).Show less
CVE-2019-11392 1Dotnetblogengine 1Blogengine.net Nov 21, 2024 Jun 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd.
CVE-2019-10718 1Dotnetblogengine 1Blogengine.net Nov 21, 2024 Jun 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to pingback.axd and BlogEngine.Core/Web/HttpHandlers/PingbackHandler.cs.
CVE-2019-1903 1Cisco 1Security Manager Nov 21, 2024 Jun 20, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper restrictions on...Show more A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit this vulnerability by sending malicious requests to a targeted system that contain references within XML entities. An exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the application to consume available resources, resulting in a DoS condition.Show less
CVE-2018-15506 1Bubblesoftapps 1Bubbleupnp Nov 21, 2024 Jun 19, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In BubbleUPnP 0.9 update 30, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access...Show more In BubbleUPnP 0.9 update 30, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running BubbleUPnP, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack the cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.Show less
CVE-2018-18471 1Axentra 1Hipserv Nov 21, 2024 Jun 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 /api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root....Show more /api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can be triggered by anyone who knows the IP address of the affected device.Show less
CVE-2018-18406 1Tufin 1Securetrack Nov 21, 2024 Jun 19, 2019 N/A· v4 9.9 CRITICAL· v3 6.5 MEDIUM· v2 An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload in...Show more An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response doesn't directly display a requested file, but rather returns it inside the name data field when the report is saved. An attacker is able to view restricted operating system files. This issue affects all types of users: administrators or normal users.Show less
CVE-2018-1845 1Ibm 5Infosphere Governance Catalog Infosphere Information ServerInfosphere Information Server Business Glossary+2 more Nov 21, 2024 Jun 17, 2019 N/A· v4 7.1 HIGH· v3 5.5 MEDIUM· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive inform...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150905.Show less
CVE-2019-0948 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more May 20, 2025 Jun 12, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vuln...Show more An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create a file containing specially crafted XML content and convince an authenticated user to import the file. The update addresses the vulnerability by modifying the way that the Event Viewer parses XML input.Show less
CVE-2019-12154 1Realobjects 1Pdfreactor Nov 21, 2024 Jun 11, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of...Show more XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions.Show less
CVE-2019-10337 1Jenkins 1Token Macro Nov 21, 2024 Jun 11, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities,...Show more An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.Show less
CVE-2019-3722 1Dell 1Emc Openmanage Server Administrator Nov 21, 2024 Jun 6, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit thi...Show more Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request.Show less
CVE-2019-10327 1Jenkins 1Pipeline Maven Integration Nov 21, 2024 May 31, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and earlier allowed attackers able to control a temporary directory's content on the agent running the Maven build to have J...Show more An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and earlier allowed attackers able to control a temporary directory's content on the agent running the Maven build to have Jenkins parse a maliciously crafted XML file that uses external entities for extraction of secrets from the Jenkins master, server-side request forgery, or denial-of-service attacks.Show less
CVE-2019-9670 1Synacor 1Zimbra Collaboration Suite Nov 4, 2025 May 29, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.

Previous 1...424344...63 Next