CWE-611
AllowedImproper Restriction of XML External Entity Reference
Abstraction: Base · Status: Draft
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1694 vulnerabilities reference this CWE, most recent first.
GHSA-M2R5-4W96-QXG5
Vulnerability from github – Published: 2022-04-28 19:31 – Updated: 2022-04-28 19:31Impact
It's possible in a script to access any file accessing to the user running XWiki application server with XML External Entity Injection through the XML script service.
For example:
{{velocity}}
#set($xml=$services.get('xml'))
#set($xxe_payload = "<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root[<!ENTITY xxe SYSTEM 'file:///etc/passwd' >]><root><foo>&xxe;</foo></root>")
#set($doc=$xml.parse($xxe_payload))
$xml.serialize($doc)
{{/velocity}}
Patches
The problem has been patched on versions 12.10.10, 13.4.4 and 13.8RC1.
Workarounds
There's no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.
References
https://jira.xwiki.org/browse/XWIKI-18946
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira XWiki * Email us at XWiki Security mailing-list
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.commons:xwiki-commons-xml"
},
"ranges": [
{
"events": [
{
"introduced": "2.7"
},
{
"fixed": "12.10.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.commons:xwiki-commons-xml"
},
"ranges": [
{
"events": [
{
"introduced": "13.0.0"
},
{
"fixed": "13.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 13.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.commons:xwiki-commons-xml"
},
"ranges": [
{
"events": [
{
"introduced": "13.5-rc-1"
},
{
"fixed": "13.8-rc-1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24898"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-04-28T19:31:55Z",
"nvd_published_at": "2022-04-28T20:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nIt\u0027s possible in a script to access any file accessing to the user running XWiki application server with XML External Entity Injection through the XML script service.\n\nFor example:\n\n```\n{{velocity}}\n#set($xml=$services.get(\u0027xml\u0027))\n#set($xxe_payload = \"\u003c?xml version=\u00271.0\u0027 encoding=\u0027UTF-8\u0027?\u003e\u003c!DOCTYPE root[\u003c!ENTITY xxe SYSTEM \u0027file:///etc/passwd\u0027 \u003e]\u003e\u003croot\u003e\u003cfoo\u003e\u0026xxe;\u003c/foo\u003e\u003c/root\u003e\")\n#set($doc=$xml.parse($xxe_payload))\n$xml.serialize($doc)\n{{/velocity}}\n```\n\n### Patches\n\nThe problem has been patched on versions 12.10.10, 13.4.4 and 13.8RC1.\n\n### Workarounds\n\nThere\u0027s no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.\n\n### References\n\nhttps://jira.xwiki.org/browse/XWIKI-18946\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki](https://jira.xwiki.org)\n* Email us at [XWiki Security mailing-list](mailto:security@xwiki.org)",
"id": "GHSA-m2r5-4w96-qxg5",
"modified": "2022-04-28T19:31:55Z",
"published": "2022-04-28T19:31:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-m2r5-4w96-qxg5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24898"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-commons/commit/947e8921ebd95462d5a7928f397dd1b64f77c7d5"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-commons"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-18946"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml"
}
GHSA-M2R7-W5RX-6VQG
Vulnerability from github – Published: 2022-05-24 17:10 – Updated: 2022-05-24 17:10An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
{
"affected": [],
"aliases": [
"CVE-2020-8540"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-11T17:15:00Z",
"severity": "HIGH"
},
"details": "An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.",
"id": "GHSA-m2r7-w5rx-6vqg",
"modified": "2022-05-24T17:10:47Z",
"published": "2022-05-24T17:10:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8540"
},
{
"type": "WEB",
"url": "https://www.manageengine.com/products/desktop-central/xxe-vulnerability.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M359-59CC-2426
Vulnerability from github – Published: 2024-11-14 12:31 – Updated: 2025-01-24 18:31A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.
{
"affected": [],
"aliases": [
"CVE-2024-5919"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-14T10:15:09Z",
"severity": "MODERATE"
},
"details": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.",
"id": "GHSA-m359-59cc-2426",
"modified": "2025-01-24T18:31:12Z",
"published": "2024-11-14T12:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5919"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Amber",
"type": "CVSS_V4"
}
]
}
GHSA-M39X-PWC9-4WHQ
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attacker to retrieve arbitrary files from the server.
{
"affected": [],
"aliases": [
"CVE-2021-40500"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-12T15:15:00Z",
"severity": "HIGH"
},
"details": "SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attacker to retrieve arbitrary files from the server.",
"id": "GHSA-m39x-pwc9-4whq",
"modified": "2022-05-24T19:17:18Z",
"published": "2022-05-24T19:17:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40500"
},
{
"type": "WEB",
"url": "https://launchpad.support.sap.com/#/notes/3074693"
},
{
"type": "WEB",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M3GM-54M7-PC78
Vulnerability from github – Published: 2022-05-14 03:35 – Updated: 2022-05-14 03:35XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915.
{
"affected": [],
"aliases": [
"CVE-2016-0268"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-09T19:29:00Z",
"severity": "MODERATE"
},
"details": "XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915.",
"id": "GHSA-m3gm-54m7-pc78",
"modified": "2022-05-14T03:35:31Z",
"published": "2022-05-14T03:35:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0268"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M3MM-MF73-6XMG
Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2024-04-04 00:03An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
{
"affected": [],
"aliases": [
"CVE-2018-17169"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-23T14:29:00Z",
"severity": "HIGH"
},
"details": "An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.",
"id": "GHSA-m3mm-mf73-6xmg",
"modified": "2024-04-04T00:03:42Z",
"published": "2022-05-24T16:44:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17169"
},
{
"type": "WEB",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17169-XXE-PrinterON"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M42M-M8CR-8M58
Vulnerability from github – Published: 2025-10-06 18:31 – Updated: 2025-10-08 14:07The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse() and lxml.etree.XSLT() without any hardening measures. In lxml versions up to 4.9.x, external entities are resolved by default, allowing attackers to read arbitrary local files or perform outbound HTTP(S) fetches. In lxml versions 5.0 and above, while entity expansion is disabled, the XSLT document() function can still read any URI unless XSLTAccessControl is applied. This vulnerability allows remote attackers to gain read-only access to any file the LangChain process can reach, including sensitive files such as SSH keys, environment files, source code, or cloud metadata. No authentication, special privileges, or user interaction are required, and the issue is exploitable in default deployments that enable custom XSLT.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "langchain-text-splitters"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-6985"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-07T21:32:54Z",
"nvd_published_at": "2025-10-06T18:15:52Z",
"severity": "HIGH"
},
"details": "The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse() and lxml.etree.XSLT() without any hardening measures. In lxml versions up to 4.9.x, external entities are resolved by default, allowing attackers to read arbitrary local files or perform outbound HTTP(S) fetches. In lxml versions 5.0 and above, while entity expansion is disabled, the XSLT document() function can still read any URI unless XSLTAccessControl is applied. This vulnerability allows remote attackers to gain read-only access to any file the LangChain process can reach, including sensitive files such as SSH keys, environment files, source code, or cloud metadata. No authentication, special privileges, or user interaction are required, and the issue is exploitable in default deployments that enable custom XSLT.",
"id": "GHSA-m42m-m8cr-8m58",
"modified": "2025-10-08T14:07:35Z",
"published": "2025-10-06T18:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6985"
},
{
"type": "WEB",
"url": "https://github.com/langchain-ai/langchain/pull/31819"
},
{
"type": "WEB",
"url": "https://github.com/langchain-ai/langchain/commit/43eef435505a1c907227b724c0c760ad5fc01790"
},
{
"type": "PACKAGE",
"url": "https://github.com/langchain-ai/langchain"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/cf78abbb-df3b-43de-b6ee-132b73ff8331"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing"
}
GHSA-M42M-R45F-GPHF
Vulnerability from github – Published: 2022-05-13 01:39 – Updated: 2022-05-13 01:39MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.
{
"affected": [],
"aliases": [
"CVE-2015-9280"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-16T16:29:00Z",
"severity": "CRITICAL"
},
"details": "MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.",
"id": "GHSA-m42m-r45f-gphf",
"modified": "2022-05-13T01:39:42Z",
"published": "2022-05-13T01:39:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9280"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt"
},
{
"type": "WEB",
"url": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf"
},
{
"type": "WEB",
"url": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4PJ-3G4R-X6M8
Vulnerability from github – Published: 2022-05-24 17:28 – Updated: 2022-07-01 00:01An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It allows XXE attacks for read/write access to arbitrary files.
{
"affected": [],
"aliases": [
"CVE-2020-25257"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-11T03:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It allows XXE attacks for read/write access to arbitrary files.",
"id": "GHSA-m4pj-3g4r-x6m8",
"modified": "2022-07-01T00:01:13Z",
"published": "2022-05-24T17:28:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25257"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2020/Sep/23"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M53P-F25Q-Q6FG
Vulnerability from github – Published: 2022-05-24 17:06 – Updated: 2022-12-21 16:42Robot Framework Plugin 2.0.0 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the 'Publish Robot Framework' post-build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller, server-side request forgery, or denial-of-service attacks.
Robot Framework Plugin 2.0.1 disables external entity resolution for its XML parser.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:robot"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-2092"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-21T16:42:17Z",
"nvd_published_at": "2020-01-15T16:15:00Z",
"severity": "HIGH"
},
"details": "Robot Framework Plugin 2.0.0 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.\n\nThis allows a user able to control the input files for the \u0027Publish Robot Framework\u0027 post-build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller, server-side request forgery, or denial-of-service attacks.\n\nRobot Framework Plugin 2.0.1 disables external entity resolution for its XML parser.",
"id": "GHSA-m53p-f25q-q6fg",
"modified": "2022-12-21T16:42:17Z",
"published": "2022-05-24T17:06:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2092"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/robot-plugin/commit/a06626f516e63813db570ff9f3e9b1f76012df59"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/robot-plugin"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1698"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "XXE vulnerability in Jenkins Robot Framework Plugin"
}
Mitigation
Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.