Xxe

IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 are vulnerable to XML external entity injection (XXE), allowing an authenticated attacker to expose sensitive information or consume memory resources.

A public exploit, named CosmicSting, has been released for CVE-2024-34102, an XML External Entity (XXE) Injection vulnerability in Adobe Commerce allowing for unauthenticated remote file read, SSRF, and potential RCE.

Vvveb before 1.0.8.2 is vulnerable to XML external entity (XXE) injection in the admin import feature, allowing authenticated site administrators to read arbitrary files and modify database records, potentially leading to privilege escalation.

Pachno 1.0.6 is vulnerable to XML external entity injection, allowing unauthenticated attackers to read arbitrary files by injecting malicious XML entities into wiki content due to unsafe XML parsing in the TextParser helper.

OpenEMR before version 8.0.0.3 is vulnerable to XML External Entity (XXE) injection, allowing an authenticated user with access to the Carecoordination module to upload a crafted CCDA document and read arbitrary files from the server.

A vulnerability in changedetection.io versions 0.54.9 and earlier allows a remote attacker to perform XML External Entity (XXE) attacks, potentially exposing sensitive local files.

The xmldom package is vulnerable to XML injection. The package serializes DocumentType node fields (internalSubset, publicId, systemId) verbatim without any escaping or validation. When these fields are set programmatically to attacker-controlled strings, XMLSerializer.serializeToString can produce output where the DOCTYPE declaration is terminated early and arbitrary markup appears outside it. To address this applications that pass untrusted data to createDocumentType() or write untrusted values directly to a DocumentType node's publicId, systemId, or internalSubset properties should audit all serializeToString() call sites and add the option.