• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-611

CVE-2020-11885

February 26, 2023 by

WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file.

CVE-2020-11586

February 26, 2023 by

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data.

CVE-2020-11541

February 26, 2023 by

In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account.

CVE-2020-10990

February 26, 2023 by

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.

CVE-2020-10991

February 26, 2023 by

Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java

CVE-2020-10992

February 26, 2023 by

Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 47
  • Go to page 48
  • Go to page 49
  • Go to page 50
  • Go to page 51
  • Interim pages omitted …
  • Go to page 107
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE