Common Weakness Enumeration

CWE-611

Allowed

Improper Restriction of XML External Entity Reference

Abstraction: Base · Status: Draft

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

1691 vulnerabilities reference this CWE, most recent first.

CVE-2025-10816 (GCVE-0-2025-10816)

Vulnerability from cvelistv5 – Published: 2025-09-22 21:32 – Updated: 2025-09-23 16:02
VLAI
Title
Jinher OA XML text xml external entity reference
Summary
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&style=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
References
URL Tags
https://vuldb.com/?id.325174 vdb-entry
https://vuldb.com/?ctiid.325174 signaturepermissions-required
https://vuldb.com/?submit.654466 third-party-advisory
https://github.com/1296299554/CVE/issues/1 exploitissue-tracking
Impacted products
Vendor Product Version
Jinher OA Affected: 2.0
Create a notification for this product.
Credits
lanyuejian (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10816",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-23T16:01:30.377156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-23T16:02:01.993Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "XML Handler"
          ],
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "lanyuejian (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl\u0026style=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may be initiated remotely. The exploit has been released to the public and may be exploited."
        },
        {
          "lang": "de",
          "value": "In Jinher OA 2.0 wurde eine Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode der Datei /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl\u0026style=add der Komponente XML Handler. Durch Beeinflussen mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-22T21:32:07.896Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-325174 | Jinher OA XML text xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.325174"
        },
        {
          "name": "VDB-325174 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.325174"
        },
        {
          "name": "Submit #654466 | Jinher OA V2.0 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.654466"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/1296299554/CVE/issues/1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-21T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-09-21T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-09-21T12:54:54.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA XML text xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-10816",
    "datePublished": "2025-09-22T21:32:07.896Z",
    "dateReserved": "2025-09-21T10:49:51.521Z",
    "dateUpdated": "2025-09-23T16:02:01.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-10713 (GCVE-0-2025-10713)

Vulnerability from cvelistv5 – Published: 2025-11-05 17:18 – Updated: 2025-11-05 18:15
VLAI
Title
XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration
Summary
An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server's filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
Vendor Product Version
WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
Affected: 6.6.0 , < 6.6.0.223 (custom)
Create a notification for this product.
WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.27 (custom)
Create a notification for this product.
WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.25 (custom)
Create a notification for this product.
WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.25 (custom)
Create a notification for this product.
WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
Affected: 3.1.0 , < 3.1.0.344 (custom)
Affected: 3.2.0 , < 3.2.0.445 (custom)
Affected: 3.2.1 , < 3.2.1.65 (custom)
Affected: 4.0.0 , < 4.0.0.365 (custom)
Affected: 4.1.0 , < 4.1.0.227 (custom)
Affected: 4.2.0 , < 4.2.0.167 (custom)
Affected: 4.3.0 , < 4.3.0.79 (custom)
Affected: 4.4.0 , < 4.4.0.43 (custom)
Affected: 4.5.0 , < 4.5.0.26 (custom)
Create a notification for this product.
WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
Affected: 5.10.0 , < 5.10.0.373 (custom)
Affected: 5.11.0 , < 5.11.0.417 (custom)
Affected: 7.1.0 , < 7.1.0.29 (custom)
Create a notification for this product.
WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
Affected: 2.0.0 , < 2.0.0.413 (custom)
Create a notification for this product.
WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
Affected: 2.0.0 , < 2.0.0.393 (custom)
Create a notification for this product.
WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
Affected: 5.10.0 , < 5.10.0.363 (custom)
Create a notification for this product.
WSO2 org.wso2.carbon.mediation:org.wso2.carbon.localentry Affected: 4.7.30 , < 4.7.30.46 (custom)
Affected: 4.7.61 , < 4.7.61.61 (custom)
Affected: 4.7.99 , < 4.7.99.303 (custom)
Affected: 4.7.131 , < 4.7.131.21 (custom)
Affected: 4.7.175 , < 4.7.175.29 (custom)
Affected: 4.7.188 , < 4.7.188.11 (custom)
Affected: 4.7.204 , < 4.7.204.12 (custom)
Affected: 4.7.221 , < 4.7.221.6 (custom)
Affected: 4.7.245 , < 4.7.245.6 (custom)
Unaffected: 4.7.259 , ≤ * (custom)
Create a notification for this product.
Credits
crnković
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10713",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-05T18:15:46.961845Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-05T18:15:56.913Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Enterprise Integrator",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "6.6.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "6.6.0.223",
              "status": "affected",
              "version": "6.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 API Control Plane",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "4.5.0.27",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Universal Gateway",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "4.5.0.25",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Traffic Manager",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "4.5.0.25",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 API Manager",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "3.1.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "3.1.0.344",
              "status": "affected",
              "version": "3.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "3.2.0.445",
              "status": "affected",
              "version": "3.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "3.2.1.65",
              "status": "affected",
              "version": "3.2.1",
              "versionType": "custom"
            },
            {
              "lessThan": "4.0.0.365",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.1.0.227",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.2.0.167",
              "status": "affected",
              "version": "4.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.3.0.79",
              "status": "affected",
              "version": "4.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.4.0.43",
              "status": "affected",
              "version": "4.4.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.5.0.26",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Identity Server",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "5.10.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "5.10.0.373",
              "status": "affected",
              "version": "5.10.0",
              "versionType": "custom"
            },
            {
              "lessThan": "5.11.0.417",
              "status": "affected",
              "version": "5.11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.1.0.29",
              "status": "affected",
              "version": "7.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Open Banking IAM",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.0.0.413",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Open Banking AM",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.0.0.393",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "WSO2 Identity Server as Key Manager",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "5.10.0",
              "status": "unknown",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "5.10.0.363",
              "status": "affected",
              "version": "5.10.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "packageName": "org.wso2.carbon.mediation:org.wso2.carbon.localentry",
          "product": "org.wso2.carbon.mediation:org.wso2.carbon.localentry",
          "vendor": "WSO2",
          "versions": [
            {
              "lessThan": "4.7.30.46",
              "status": "affected",
              "version": "4.7.30",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.61.61",
              "status": "affected",
              "version": "4.7.61",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.99.303",
              "status": "affected",
              "version": "4.7.99",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.131.21",
              "status": "affected",
              "version": "4.7.131",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.175.29",
              "status": "affected",
              "version": "4.7.175",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.188.11",
              "status": "affected",
              "version": "4.7.188",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.204.12",
              "status": "affected",
              "version": "4.7.204",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.221.6",
              "status": "affected",
              "version": "4.7.221",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.245.6",
              "status": "affected",
              "version": "4.7.245",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "4.7.259",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.0.223",
                  "versionStartIncluding": "6.6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.5.0.27",
                  "versionStartIncluding": "4.5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.5.0.25",
                  "versionStartIncluding": "4.5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.5.0.25",
                  "versionStartIncluding": "4.5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.1.0.344",
                  "versionStartIncluding": "3.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.2.0.445",
                  "versionStartIncluding": "3.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.2.1.65",
                  "versionStartIncluding": "3.2.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.0.0.365",
                  "versionStartIncluding": "4.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.1.0.227",
                  "versionStartIncluding": "4.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.2.0.167",
                  "versionStartIncluding": "4.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.3.0.79",
                  "versionStartIncluding": "4.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.0.43",
                  "versionStartIncluding": "4.4.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.5.0.26",
                  "versionStartIncluding": "4.5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.0.373",
                  "versionStartIncluding": "5.10.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.0.417",
                  "versionStartIncluding": "5.11.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1.0.29",
                  "versionStartIncluding": "7.1.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.0.0.413",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.0.0.393",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.0.363",
                  "versionStartIncluding": "5.10.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.30.46",
                  "versionStartIncluding": "4.7.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.61.61",
                  "versionStartIncluding": "4.7.61",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.99.303",
                  "versionStartIncluding": "4.7.99",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.131.21",
                  "versionStartIncluding": "4.7.131",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.175.29",
                  "versionStartIncluding": "4.7.175",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.188.11",
                  "versionStartIncluding": "4.7.188",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.204.12",
                  "versionStartIncluding": "4.7.204",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.221.6",
                  "versionStartIncluding": "4.7.221",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.7.245.6",
                  "versionStartIncluding": "4.7.245",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:wso2:org.wso2.carbon.mediation_org.wso2.carbon.localentry:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "*",
                  "versionStartIncluding": "4.7.259",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "crnkovi\u0107"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities.\u003cbr\u003e\u003cbr\u003eA successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server\u0027s filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable.\u003cbr\u003e"
            }
          ],
          "value": "An XML External Entity (XXE) vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities.\n\nA successful attack could enable a remote, unauthenticated attacker to read sensitive files from the server\u0027s filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-05T17:18:24.719Z",
        "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "shortName": "WSO2"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
            }
          ],
          "value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/#solution"
        }
      ],
      "source": {
        "advisory": "WSO2-2025-4505",
        "discovery": "EXTERNAL"
      },
      "title": "XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
    "assignerShortName": "WSO2",
    "cveId": "CVE-2025-10713",
    "datePublished": "2025-11-05T17:18:24.719Z",
    "dateReserved": "2025-09-19T06:15:37.907Z",
    "dateUpdated": "2025-11-05T18:15:56.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10183 (GCVE-0-2025-10183)

Vulnerability from cvelistv5 – Published: 2025-09-09 14:50 – Updated: 2025-09-09 15:14
VLAI
Title
XML External Entity Injection in TecConnect 4.1
Summary
A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCom Connect 5.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
Impacted products
Vendor Product Version
TecCom TecConnect Affected: 4.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10183",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-09T15:14:49.713952Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-09T15:14:59.774Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "TecConnect",
          "vendor": "TecCom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCom Connect 5."
            }
          ],
          "value": "A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCom Connect 5."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-201",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-201 XML Entity Linking"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-09T14:50:42.841Z",
        "orgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d",
        "shortName": "BLSOPS"
      },
      "references": [
        {
          "url": "https://blog.blacklanternsecurity.com/p/teccom-tecconnect-41-xml-external"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "XML External Entity Injection in TecConnect 4.1",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d",
    "assignerShortName": "BLSOPS",
    "cveId": "CVE-2025-10183",
    "datePublished": "2025-09-09T14:50:22.152Z",
    "dateReserved": "2025-09-09T14:41:44.314Z",
    "dateUpdated": "2025-09-09T15:14:59.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-10092 (GCVE-0-2025-10092)

Vulnerability from cvelistv5 – Published: 2025-09-08 11:32 – Updated: 2025-09-08 13:33
VLAI
Title
Jinher OA XML Type xml external entity reference
Summary
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed remotely. The exploit has been made public and could be used.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
References
URL Tags
https://vuldb.com/?id.323047 vdb-entry
https://vuldb.com/?ctiid.323047 signaturepermissions-required
https://vuldb.com/?submit.644868 third-party-advisory
https://github.com/Cstarplus/CVE/issues/3 exploitissue-tracking
Impacted products
Vendor Product Version
Jinher OA Affected: 1.0
Affected: 1.1
Affected: 1.2
Create a notification for this product.
Credits
abc_123456 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10092",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-08T13:33:20.332442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-08T13:33:31.403Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "XML Handler"
          ],
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "1.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "abc_123456 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed remotely. The exploit has been made public and could be used."
        },
        {
          "lang": "de",
          "value": "In Jinher OA bis 1.2 ist eine Schwachstelle entdeckt worden. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add der Komponente XML Handler. Die Manipulation f\u00fchrt zu xml external entity reference. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-08T11:32:06.165Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-323047 | Jinher OA XML Type xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.323047"
        },
        {
          "name": "VDB-323047 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.323047"
        },
        {
          "name": "Submit #644868 | Jinher OA V1.2 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.644868"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/Cstarplus/CVE/issues/3"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-09-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-09-08T07:03:08.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA XML Type xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-10092",
    "datePublished": "2025-09-08T11:32:06.165Z",
    "dateReserved": "2025-09-08T04:58:02.481Z",
    "dateUpdated": "2025-09-08T13:33:31.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-10091 (GCVE-0-2025-10091)

Vulnerability from cvelistv5 – Published: 2025-09-08 11:02 – Updated: 2025-09-08 13:38
VLAI
Title
Jinher OA XML Type xml external entity reference
Summary
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add of the component XML Handler. The manipulation leads to xml external entity reference. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
References
URL Tags
https://vuldb.com/?id.323046 vdb-entry
https://vuldb.com/?ctiid.323046 signaturepermissions-required
https://vuldb.com/?submit.644864 third-party-advisory
https://github.com/Cstarplus/CVE/issues/2 exploitissue-tracking
Impacted products
Vendor Product Version
Jinher OA Affected: 1.0
Affected: 1.1
Affected: 1.2
Create a notification for this product.
Credits
abc_123456 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10091",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-08T13:37:42.732067Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-08T13:38:24.967Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "XML Handler"
          ],
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "1.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "abc_123456 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add of the component XML Handler. The manipulation leads to xml external entity reference. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In Jinher OA bis 1.2 wurde eine Schwachstelle gefunden. Es betrifft eine unbekannte Funktion der Datei /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add der Komponente XML Handler. Durch Beeinflussen mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-08T11:02:06.958Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-323046 | Jinher OA XML Type xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.323046"
        },
        {
          "name": "VDB-323046 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.323046"
        },
        {
          "name": "Submit #644864 | Jinher OA V1.2 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.644864"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/Cstarplus/CVE/issues/2"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-09-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-09-08T07:03:07.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA XML Type xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-10091",
    "datePublished": "2025-09-08T11:02:06.958Z",
    "dateReserved": "2025-09-08T04:57:59.525Z",
    "dateUpdated": "2025-09-08T13:38:24.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8355 (GCVE-0-2025-8355)

Vulnerability from cvelistv5 – Published: 2025-08-08 15:31 – Updated: 2025-08-08 16:02
VLAI
Title
XXE leading to SSRF
Summary
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF).
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
Impacted products
Vendor Product Version
Xerox FreeFlow Core Affected: 0 , < 8.0.5 (custom)
Create a notification for this product.
Date Public
2025-08-08 15:27
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-08T16:02:33.856898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-08T16:02:42.866Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "platforms": [
            "Windows"
          ],
          "product": "FreeFlow Core",
          "vendor": "Xerox",
          "versions": [
            {
              "lessThan": "8.0.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-08-08T15:27:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF)."
            }
          ],
          "value": "In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF)."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-137",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-137 Parameter Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-08T15:43:07.165Z",
        "orgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
        "shortName": "Xerox"
      },
      "references": [
        {
          "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/08/Xerox-Security-Bulletin-025-013-for-Freeflow-Core-8.0.5.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "XXE leading to SSRF",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
    "assignerShortName": "Xerox",
    "cveId": "CVE-2025-8355",
    "datePublished": "2025-08-08T15:31:44.554Z",
    "dateReserved": "2025-07-30T13:54:04.373Z",
    "dateUpdated": "2025-08-08T16:02:42.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7824 (GCVE-0-2025-7824)

Vulnerability from cvelistv5 – Published: 2025-07-19 13:02 – Updated: 2025-07-21 15:48
VLAI
Title
Jinher OA XmlHttp.aspx xml external entity reference
Summary
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
References
URL Tags
https://vuldb.com/?id.316925 vdb-entry
https://vuldb.com/?ctiid.316925 signaturepermissions-required
https://vuldb.com/?submit.616842 third-party-advisory
https://github.com/cc2024k/CVE/issues/2 exploitissue-tracking
Impacted products
Vendor Product Version
Jinher OA Affected: 1.1
Create a notification for this product.
Credits
cc2024k (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7824",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-21T15:47:26.709353Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-21T15:48:01.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "1.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "cc2024k (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in Jinher OA 1.1 ausgemacht. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code der Datei XmlHttp.aspx. Durch Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-19T13:02:05.434Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-316925 | Jinher OA XmlHttp.aspx xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.316925"
        },
        {
          "name": "VDB-316925 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.316925"
        },
        {
          "name": "Submit #616842 | Jinhe OA V1.1 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.616842"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/cc2024k/CVE/issues/2"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-18T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-07-18T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-07-18T19:48:43.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA XmlHttp.aspx xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-7824",
    "datePublished": "2025-07-19T13:02:05.434Z",
    "dateReserved": "2025-07-18T17:43:37.124Z",
    "dateUpdated": "2025-07-21T15:48:01.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7823 (GCVE-0-2025-7823)

Vulnerability from cvelistv5 – Published: 2025-07-19 12:44 – Updated: 2025-07-21 15:46
VLAI
Title
Jinher OA ProjectScheduleDelete.aspx xml external entity reference
Summary
A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
References
URL Tags
https://vuldb.com/?id.316924 vdb-entry
https://vuldb.com/?ctiid.316924 signaturepermissions-required
https://vuldb.com/?submit.616841 third-party-advisory
https://github.com/cc2024k/CVE/issues/3 exploitissue-tracking
Impacted products
Vendor Product Version
Jinher OA Affected: 1.2
Create a notification for this product.
Credits
cc2024k (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7823",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-21T15:46:38.256657Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-21T15:46:51.806Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "1.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "cc2024k (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "In Jinher OA 1.2 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei ProjectScheduleDelete.aspx. Durch die Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-19T12:44:06.138Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-316924 | Jinher OA ProjectScheduleDelete.aspx xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.316924"
        },
        {
          "name": "VDB-316924 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.316924"
        },
        {
          "name": "Submit #616841 | Jinhe OA V1.2 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.616841"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/cc2024k/CVE/issues/3"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-18T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-07-18T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-07-18T19:48:42.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA ProjectScheduleDelete.aspx xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-7823",
    "datePublished": "2025-07-19T12:44:06.138Z",
    "dateReserved": "2025-07-18T17:43:29.265Z",
    "dateUpdated": "2025-07-21T15:46:51.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7766 (GCVE-0-2025-7766)

Vulnerability from cvelistv5 – Published: 2025-07-22 21:44 – Updated: 2025-07-23 19:57
VLAI
Title
Lantronix Provisioning Manager Improper Restriction of XML External Entity Reference
Summary
Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
Impacted products
Vendor Product Version
Lantronix Provisioning Manager Affected: 0 , ≤ 7.10.2 (custom)
Create a notification for this product.
Date Public
2025-07-22 17:00
Credits
Robert McLellan reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7766",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-23T19:57:44.156874Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-23T19:57:57.931Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Provisioning Manager",
          "vendor": "Lantronix",
          "versions": [
            {
              "lessThanOrEqual": "7.10.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Robert McLellan reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2025-07-22T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLantronix\u0026nbsp;Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.\u003c/span\u003e"
            }
          ],
          "value": "Lantronix\u00a0Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-22T21:44:10.227Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-02"
        },
        {
          "url": "https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/105906637/Latest+Version+of+Lantronix+Provisioning+Manager+LPM"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLantronix has provided a fix and recommends users update to \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/105906637/Latest+Version+of+Lantronix+Provisioning+Manager+LPM\"\u003ev7.10.4\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;or later.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Lantronix has provided a fix and recommends users update to  v7.10.4 https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/105906637/Latest+Version+of+Lantronix+Provisioning+Manager+LPM \u00a0or later."
        }
      ],
      "source": {
        "advisory": "ICSA-25-203-02",
        "discovery": "EXTERNAL"
      },
      "title": "Lantronix Provisioning Manager Improper Restriction of XML External Entity Reference",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-7766",
    "datePublished": "2025-07-22T21:44:10.227Z",
    "dateReserved": "2025-07-17T14:41:27.079Z",
    "dateUpdated": "2025-07-23T19:57:57.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7523 (GCVE-0-2025-7523)

Vulnerability from cvelistv5 – Published: 2025-07-13 07:02 – Updated: 2025-07-15 19:54
VLAI
Title
Jinher OA DelTemp.aspx xml external entity reference
Summary
A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-611 - XML External Entity Reference
  • CWE-610 - Externally Controlled Reference
Assigner
Impacted products
Vendor Product Version
Jinher OA Affected: 1.0
Create a notification for this product.
Credits
BluesCat (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7523",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-14T16:44:37.582369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:54:19.426Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/BigMancer/Jinhe-OA-XXE-Vulnerability"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OA",
          "vendor": "Jinher",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "BluesCat (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in Jinher OA 1.0 gefunden. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code der Datei /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. Durch die Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Externally Controlled Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-13T07:02:05.374Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-316220 | Jinher OA DelTemp.aspx xml external entity reference",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.316220"
        },
        {
          "name": "VDB-316220 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.316220"
        },
        {
          "name": "Submit #611183 | jinhe OA V1.0 XML External Entity Reference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.611183"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://github.com/BigMancer/Jinhe-OA-XXE-Vulnerability"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/BigMancer/Jinhe-OA-XXE-Vulnerability?tab=readme-ov-file#proof-of-concept"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-12T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-07-12T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-07-12T08:56:47.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Jinher OA DelTemp.aspx xml external entity reference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-7523",
    "datePublished": "2025-07-13T07:02:05.374Z",
    "dateReserved": "2025-07-12T06:51:04.084Z",
    "dateUpdated": "2025-07-15T19:54:19.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Implementation System Configuration

Many XML parsers and validators can be configured to disable external entity expansion.

CAPEC-221: Data Serialization External Entities Blowup

This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.