Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-91
Total 72 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31347 2 Debian, Ezxml Project 2 Debian Linux, Ezxml 2022-04-18 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).
CVE-2018-19277 1 Phpspreadsheet Project 1 Phpspreadsheet 2022-04-18 6.8 MEDIUM 8.8 HIGH
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file
CVE-2019-14277 1 Axway 1 Securetransport 2022-04-18 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks (i.e., SSRF with resultant remote code execution). NOTE: The vendor disputes this issues as not being a vulnerability because “All attacks that use external entities are blocked (no external DTD or file inclusions, no SSRF). The impact on confidentiality, integrity and availability is not proved on any version.”
CVE-2022-25356 1 Altn 1 Securitygateway 2022-04-12 5.0 MEDIUM 5.3 MEDIUM
Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.
CVE-2021-38948 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2021-11-03 6.4 MEDIUM 9.1 CRITICAL
IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 211402.
CVE-2021-22524 1 Microfocus 1 Access Manager 2021-09-22 4.0 MEDIUM 4.9 MEDIUM
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
CVE-2021-39181 1 Frentix 1 Openolat 2021-09-10 6.5 MEDIUM 8.8 HIGH
OpenOlat is a web-based learning management system (LMS). Prior to version 15.3.18, 15.5.3, and 16.0.0, using a prepared import XML file (e.g. a course) any class on the Java classpath can be instantiated, including spring AOP bean factories. This can be used to execute code arbitrary code by the attacker. The attack requires an OpenOlat user account with the authoring role. It can not be exploited by unregistered users. The problem is fixed in versions 15.3.18, 15.5.3, and 16.0.0. There are no known workarounds aside from upgrading.
CVE-2021-36028 1 Adobe 2 Adobe Commerce, Magento Open Source 2021-09-08 6.5 MEDIUM 7.2 HIGH
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.
CVE-2021-36033 1 Adobe 2 Adobe Commerce, Magento Open Source 2021-09-08 6.5 MEDIUM 7.2 HIGH
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.
CVE-2021-36020 1 Adobe 2 Adobe Commerce, Magento Open Source 2021-09-08 7.5 HIGH 9.8 CRITICAL
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.
CVE-2021-32758 1 Openmage 1 Openmage 2021-09-08 9.0 HIGH 7.2 HIGH
OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched.
CVE-2018-1000632 5 Debian, Dom4j Project, Netapp and 2 more 15 Debian Linux, Dom4j, Oncommand Workflow Automation and 12 more 2021-09-06 5.0 MEDIUM 7.5 HIGH
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.
CVE-2021-36359 1 Bscw 1 Bscw Classic 2021-09-01 6.5 MEDIUM 8.8 HIGH
OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.
CVE-2021-37154 1 Forgerock 1 Access Management 2021-09-01 10.0 HIGH 9.8 CRITICAL
In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion.
CVE-2020-4774 1 Ibm 1 Curam Social Program Management 2021-07-21 5.5 MEDIUM 5.4 MEDIUM
An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to obtain unauthorized access or reveal sensitive information such as XML document structure and content. IBM X-Force ID: 189152.
CVE-2021-2322 1 Oracle 1 Opengrok 2021-06-29 6.5 MEDIUM 8.8 HIGH
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
CVE-2021-21019 1 Magento 1 Magento 2021-02-16 6.5 MEDIUM 9.1 CRITICAL
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the Widgets module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.
CVE-2021-21025 1 Magento 1 Magento 2021-02-16 6.5 MEDIUM 9.1 CRITICAL
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.
CVE-2020-29128 1 Petl Project 1 Petl 2020-12-03 6.8 MEDIUM 9.8 CRITICAL
petl before 1.68, in some configurations, allows resolution of entities in an XML document.
CVE-2017-15685 1 Craftercms 1 Crafter Cms 2020-11-28 5.0 MEDIUM 8.6 HIGH
Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.