Product
CVE-2024-2374 describes an XML External Entity (XXE) vulnerability in multiple WSO2 products, where improperly configured XML parsers allow attackers to inject malicious XML payloads to include external resources, leading to confidential file access, limited HTTP resource access, and denial-of-service attacks.