Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-91 (XML注入(XPath盲注)) — Vulnerability Class 45

45 vulnerabilities classified as CWE-91 (XML注入(XPath盲注)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-22244 Junos OS: Unauthenticated XPath Injection vulnerability in J-Web — Junos OS 5.3 Medium2022-10-18
CVE-2022-34253 Adobe Commerce XML Injection Arbitrary code execution — Magento Commerce 7.2 -2022-08-16
CVE-2022-2458 Business-central 代码问题漏洞 — Red Hat Process Automation Manager 7 8.2 -2022-08-09
CVE-2021-27777 HCL Unica Platform is vulnerable to XML External Entity (XXE) injection — HCL Unica 7.5 High2022-05-12
CVE-2022-20729 Cisco Firepower Threat Defense Software XML Injection Vulnerability — Cisco Firepower Threat Defense Software 4.4 Medium2022-05-03
CVE-2021-22524 Denial of service vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access Manager 5.4 Medium2021-09-13
CVE-2021-39181 Unsafe Deserialization of User Data Using XStream — OpenOLAT 8.8 High2021-09-01
CVE-2021-36020 Magento Commerce XML Injection Vulnerability In The 'City' Field Could Lead To Remote Code Execution — Magento Commerce 8.2 High2021-09-01
CVE-2021-36028 Magento Commerce XML Injection Vulnerability Could Lead To Remote Code Execution — Magento Commerce 9.1 Critical2021-09-01
CVE-2021-36033 Magento Commerce Widgets Module XML Injection Vulnerability Could Lead To Remote Code Execution — Magento Commerce 9.1 Critical2021-09-01
CVE-2021-32758 Layout XML Arbitrary Code Fix — magento-lts 7.2 High2021-08-27
CVE-2021-21025 Magento Commerce XML Injection Could Lead To Arbitrary Code Execution — Magento Commerce 9.1 -2021-02-11
CVE-2021-21019 Magento Commerce XML Injection Could Lead To Remote Code Execution — Magento Commerce 9.1 -2021-02-11
CVE-2020-8479 ABB Central Licensing System - XML External Entity Injection — Central Licensing System 9.4 Critical2020-04-29
CVE-2019-17323 ClipSoft REXPERT 安全漏洞 — REXPERT 8.8 -2019-10-30

Vulnerabilities classified as CWE-91 (XML注入(XPath盲注)) represent 45 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.