Количество 2
Количество 2
CVE-2025-10713
An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server's filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable.
GHSA-fvfq-q238-j7j3
WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-10713 An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server's filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable. | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| GHSA-fvfq-q238-j7j3 WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу