Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-643 (XPath表达式中数据转义处理不恰当(XPath注入)) — Vulnerability Class 11

11 vulnerabilities classified as CWE-643 (XPath表达式中数据转义处理不恰当(XPath注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-24343 Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions — Apache HertzBeat 9.4AICriticalAI2026-02-10
CVE-2025-11844 XPath Injection in Hugging Face Smolagents search_item_ctrl_f Function — huggingface/smolagents 9.1AICriticalAI2025-10-22
CVE-2025-20218 Cisco Secure Firepower Management Center Software XPATH Injection Vulnerability — Cisco Firepower Management Center 4.9 Medium2025-08-14
CVE-2022-43840 IBM Aspera Console XPath injection — Aspera Console 4.3 Medium2025-04-14
CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device. — Junos OS 8.8 High2024-07-10
CVE-2024-2648 Netentsec NS-ASG Application Security Gateway naccheck.php xpath injection — NS-ASG Application Security Gateway 4.3 Medium2024-03-19
CVE-2024-2645 Netentsec NS-ASG Application Security Gateway resetpwd.php xpath injection — NS-ASG Application Security Gateway 4.3 Medium2024-03-19
CVE-2023-36429 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.0 6.5 Medium2023-10-10
CVE-2023-36433 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.0 6.5 Medium2023-10-10
CVE-2023-24922 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.0 6.5 Medium2023-03-14
CVE-2020-25162 B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus — SpaceCom 7.5 High2022-04-14

Vulnerabilities classified as CWE-643 (XPath表达式中数据转义处理不恰当(XPath注入)) represent 11 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.