CWE-611
Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1,228 vulnerabilities with CWE-611
CVE-2023-40506
HIGH
LG Simple Editor - Info Disclosure
CVSS 7.5
CVE-2023-40503
HIGH
LG Simple Editor - Info Disclosure
CVSS 7.5
CVE-2023-39472
MEDIUM
Inductiveautomation Ignition < 8.1.32 - XXE
CVSS 6.5
CVE-2023-49234
MEDIUM
Stilog Visual Planning 8 - SSRF
CVSS 6.3
CVE-2023-50168
HIGH
Pega Platform < 8.8.5 - XXE
CVSS 7.7
CVE-2023-25926
MEDIUM
IBM Security Guardium Key Lifecycle Manager < 4.1.1.7 - XXE
CVSS 5.5
CVE-2023-50380
MEDIUM
Apache Ambari < 2.7.8 - XXE
CVSS 6.5
CVE-2023-52239
MEDIUM
Magicsoftware Magic Xpi Integration Platform - XXE
CVSS 6.5
CVE-2023-32327
HIGH
IBM Security Verify Access < 10.0.6.1 - XXE
CVSS 7.1
CVE-2023-4554
MEDIUM
OpenText AppBuilder <23.2 - SSRF
CVSS 4.9
CVE-2023-45139
HIGH
Fonttools < 4.43.0 - XXE
CVSS 7.5
CVE-2023-6149
MEDIUM
Qualys Jenkins Plugin for WAS <2.0.11 - SSRF
CVSS 5.7
CVE-2023-6147
MEDIUM
Qualys Jenkins Plugin <1.0.5 - SSRF
CVSS 5.7
CVE-2023-26999
CRITICAL
NetScout nGeniusOne <6.3.4 - RCE, DoS
CVSS 9.8
CVE-2023-52252
CRITICAL
Unifiedremote Unified Remote - XXE
CVSS 9.8
CVE-2023-46265
CRITICAL
Smart Device Server - SSRF
CVSS 9.8
CVE-2023-6280
HIGH
52North WPS <4.0.0-beta.11 - XSS
CVSS 7.2
CVE-2023-6836
MEDIUM
Wso2 API Manager < 3.0.0 - XXE
CVSS 4.6
CVE-2023-6721
HIGH
Europeana Repox - XXE
CVSS 8.3
CVE-2023-6194
LOW
Eclipse Memory Analyzer <1.14.0 - Info Disclosure
CVSS 2.8
CVE-2023-49733
CRITICAL
Apache Cocoon < 2.3.0 - XXE
CVSS 9.8
CVE-2023-49656
CRITICAL
Jenkins Matlab < 2.11.1 - XXE
CVSS 9.8
CVE-2023-22274
HIGH
Adobe RoboHelp Server <11.4 - Info Disclosure
CVSS 7.5
CVE-2023-46590
HIGH
Siemens OPC UA Modelling Editor - XXE Injection
CVSS 7.5
CVE-2023-4218
MEDIUM
Eclipse IDE <2023-09 - XSS
CVSS 5.0