Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-611

CWE-611

Improper Restriction of XML External Entity Reference

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

1,228 vulnerabilities with CWE-611

CVE-2025-54445 HIGH

Samsung Magicinfo 9 Server < 21.1080.0 - XXE

CVE-2025-7766 HIGH

Lantronix Provisioning Manager - RCE

CVE-2025-34142 MEDIUM

ETQ Reliance CG - XSS

CVE-2025-36603 MEDIUM

Dell Appsync < 4.6.0.4 - XXE

CVE-2025-7824 HIGH

Jinher OA 1.1 - XML External Entity Reference

CVE-2025-7823 HIGH

Jinher OA 1.2 - XML External Entity Reference

CVE-2025-52162 MEDIUM

Agorum core <11.10.1 - XXE

CVE-2025-53621 MEDIUM

DSpace <7.6.4, 8.2, 9.1 - XSS

CVE-2025-53689 HIGH

Apache Jackrabbit <2.23.2 - Blind XXE

CVE-2025-7523 HIGH

Jinher OA 1.0 - XML External Entity Reference

CVE-2025-6438 MEDIUM

SOAP API - XML External Entity Injection

CVE-2025-49544 MEDIUM

Adobe Coldfusion - XXE

CVE-2025-49539 MEDIUM

Adobe Coldfusion - XXE

CVE-2025-49535 CRITICAL

Adobe Coldfusion - XXE

CVE-2025-49493 MEDIUM

Akamai CloudTest <60 - XXE Injection

CVE-2025-52888 HIGH

Io.qameta.allure.plugins Xunit-xml-plugin < 2.34.1 - XXE

CVE-2025-47293 LOW

Com.powsybl Powsybl-commons < 6.7.2 - SSRF

CVE-2025-33121 HIGH

IBM QRadar SIEM <7.5.0-12 - XXE

CVE-2025-36049 HIGH

IBM Webmethods Integration - XXE

CVE-2025-44044 HIGH

Keyoti SearchUnit <9.0.0 - XXE

CVE-2025-30220 CRITICAL

GeoServer WFS - XXE Processing Vulnerability

CVE-2025-31039 CRITICAL

pixelgrade Category Icon <1.0.2 - SSRF

CVE-2025-5877 MEDIUM

Fengoffice Feng Office - XXE

CVE-2025-48882 HIGH

PHPOffice Math <0.3.0 - XSS

CVE-2025-4338 MEDIUM

Lantronix Device installer - XXE

Previous Page 4 of 50 Next

Details

Vulnerabilities 1,228

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy