Description
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://help.salesforce.com/articleView?id=000362693&type=1&mode=1
Scores
CVSS v3
7.5
EPSS
0.0107
EPSS Percentile
60.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-611
Status
published
Products (1)
salesforce/mule
3.0.0 - 4.3.0
Published
Aug 05, 2021
Tracked Since
Feb 18, 2026