CWE-611 (Improper Restriction of XML External Entity Reference (XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (Improper Restriction of XML External Entity Reference (XXE)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-24466 | Possible XML External Entity Injection in OpenText iManager — iManager | 7.5 | High | 2024-11-22 |
| CVE-2024-48917 | XXE in PHPSpreadsheet's XLSX reader — PhpSpreadsheet | 7.5 | High | 2024-11-18 |
| CVE-2024-47873 | PhpSpreadsheet XmlScanner bypass leads to XXE — PhpSpreadsheet | 7.5 | High | 2024-11-18 |
| CVE-2020-26066 | Cisco SD-WAN vManage Software XML External Entity Vulnerability — Cisco Catalyst SD-WAN Manager | 7.3 | - | 2024-11-18 |
| CVE-2021-1483 | Cisco SD-WAN vManage Software XML External Entity Vulnerability — Cisco Catalyst SD-WAN Manager | 6.4 | Medium | 2024-11-15 |
| CVE-2024-39726 | IBM Engineering Insights XML external entity injection — Engineering Insights | 8.2 | High | 2024-11-15 |
| CVE-2021-3902 | Improper Restriction of XML External Entity Reference in dompdf/dompdf — dompdf/dompdf | 8.1 (AI) | High (AI) | 2024-11-15 |
| CVE-2024-5919 | PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability — Cloud NGFW | 7.7 (AI) | High (AI) | 2024-11-14 |
| CVE-2024-52007 | XXE vulnerability in XSLT parsing in `org.hl7.fhir.core` — org.hl7.fhir.core | 8.6 | High | 2024-11-08 |
| CVE-2024-10839 | XML External Entity — SharePoint Manager Plus | 8.5 | High | 2024-11-08 |
| CVE-2024-20531 | Cisco Identity Services Engine XML External Entity Injection Vulnerability — Cisco Identity Services Engine Software | 5.5 | Medium | 2024-11-06 |
| CVE-2024-45086 | IBM WebSphere Application Server XML external entity injection — WebSphere Application Server | 5.5 | Medium | 2024-11-04 |
| CVE-2024-50442 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - XML External Entity (XXE) vulnerability — Royal Elementor Addons | 6.5 | Medium | 2024-10-28 |
| CVE-2024-4690 | Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools — OpenText Application Automation Tools | 9.8 (AI) | Critical (AI) | 2024-10-16 |
| CVE-2024-4189 | Multiple XXE sinks in Run LoadRunner script step in OpenText Application Automation Tools — OpenText Application Automation Tools | 9.8 (AI) | Critical (AI) | 2024-10-16 |
| CVE-2024-4184 | Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools — OpenText Application Automation Tools | 9.8 (AI) | Critical (AI) | 2024-10-16 |
| CVE-2024-45072 | IBM WebSphere Application Server XML external entity injection — WebSphere Application Server | 5.5 | Medium | 2024-10-16 |
| CVE-2024-8602 | XML Eternal Entity Attack in the Software Library taxstatement.jar — Library taxstatement.jar | 8.8 (AI) | High (AI) | 2024-10-14 |
| CVE-2024-28168 | Apache XML Graphics FOP: XML External Entity (XXE) Processing — Apache XML Graphics FOP | 7.5 (AI) | High (AI) | 2024-10-09 |
| CVE-2024-39586 | Dell AppSync Server code issue vulnerability — AppSync | 2.9 | Low | 2024-10-09 |
| CVE-2024-45293 | XML External Entity Reference (XXE) in PHPSpreadsheet's XLSX reader — PhpSpreadsheet | 7.5 | High | 2024-10-07 |
| CVE-2024-45745 | TopQuadrant TopBraid EDG JavaScript console XXE — TopBraid EDG | 5.0 | Medium | 2024-09-27 |
| CVE-2024-46985 | DataEase has an XXE vulnerability — dataease | 7.5 | High | 2024-09-23 |
| CVE-2024-46984 | XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator — app-referencevalidator | 8.6 | High | 2024-09-19 |
| CVE-2024-7098 | XML Injection in SFS Consulting's ww.Winsure — ww.Winsure | 9.8 | - | 2024-09-16 |
| CVE-2024-45294 | `org.hl7.fhir.core` XXE vulnerability in XSLT transforms — org.hl7.fhir.core | 8.6 | High | 2024-09-06 |
| CVE-2024-45048 | XML External Entity Reference (XXE) in PHPSpreadsheet — PhpSpreadsheet | 8.8 | High | 2024-08-28 |
| CVE-2024-6893 | Journyx Unauthenticated XML External Entities Injection — Journyx (jtime) | 9.8 (AI) | Critical (AI) | 2024-08-07 |
| CVE-2024-3930 | XML External Entity in Akana — Akana API Platform | 6.3 | Medium | 2024-07-30 |
| CVE-2023-48362 | Apache Drill: XXE Vulnerability in XML Format Reader — Apache Drill | 8.8 (AI) | High (AI) | 2024-07-24 |

417 CVEs are classified as CWE-611 (Improper Restriction of XML External Entity Reference (XXE)). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.