CWE-611
Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1,228 vulnerabilities with CWE-611
CVE-2024-56356
MEDIUM
Jetbrains Teamcity < 2024.12 - XXE
CVSS 5.9
CVE-2024-55081
CRITICAL
Chat2DB v0.3.5 - XSS
CVSS 9.8
CVE-2024-55887
HIGH
Org.fhir Ucum < 1.0.9 - XXE
CVSS 8.6
CVE-2024-55875
CRITICAL
Org.http4k Http4k-format-xml < 5.41.0.0 - Information Disclosure
CVSS 9.8
CVE-2024-49064
MEDIUM
Microsoft Sharepoint Server - XXE
CVSS 6.5
CVE-2024-49535
MEDIUM
Acrobat Reader <24.005.20307 - XSS
CVSS 6.3
CVE-2024-54005
MEDIUM
COMOS - XXE
CVSS 5.1
CVE-2024-49704
MEDIUM
COMOS - XXE
CVSS 5.5
CVE-2024-47582
MEDIUM
XML Input - Info Disclosure
CVSS 5.3
CVE-2024-46455
CRITICAL
Pypi Unstructured < 0.14.3 - XXE
CVSS 9.8
CVE-2024-52806
HIGH
Simplesamlphp Saml2 < 4.6.14 - XXE
CVSS 8.3
CVE-2024-52596
HIGH
Simplesamlphp Xml-common < 1.20.0 - XXE
CVE-2024-52800
LOW
Org.verapdf Core < 1.26.2 - XXE
CVE-2024-9044
MEDIUM
Easy Tax Client Software <2023.1.2 - XSS
CVE-2024-53675
HIGH
HPE Insight Remote Support < 7.14.0.629 - XXE
CVSS 7.3
CVE-2024-53674
HIGH
HPE Insight Remote Support < 7.14.0.629 - XXE
CVSS 7.3
CVE-2024-11622
HIGH
HPE Insight Remote Support - Info Disclosure
CVSS 7.3
CVE-2024-50848
MEDIUM
RWS Worldserver - XXE
CVSS 6.5
CVE-2024-48917
HIGH
Phpoffice Phpspreadsheet < 1.29.4 - XXE
CVSS 7.5
CVE-2024-47873
HIGH
PhpSpreadsheet <1.9.4, <2.1.3, <2.3.2, <3.4.0 - XSS
CVSS 7.5
CVE-2024-39726
HIGH
IBM Engineering Lifecycle Optimization - Engineering Insights - XXE
CVSS 8.2
CVE-2024-5919
MEDIUM
Paloaltonetworks Pan-os < 10.1.10 - XXE
CVSS 6.5
CVE-2024-10218
CRITICAL
TIBCO Hawk/TIBCO Operational Intelligence - XSS
CVE-2024-52007
HIGH
HAPI FHIR - XML External Entity Injection
CVSS 8.6
CVE-2024-10839
HIGH
Zohocorp Manageengine Sharepoint Manager Plus - XXE
CVSS 8.5
Details
Vulnerabilities
1,228