7 matches found
Atlassian Confluence 7.13 < 9.2.11 / 9.3.1 < 10.1.0 (CONFSERVER-101827)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101827 advisory. - Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build t...
CVE-2025-53689
An XML external entity flaw was found in Apache Jackrabbit. This issue occurs when using an unsecured document builder to load privileges and is vulnerable to an attack where a malicious user can inject harmful code. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2025-53689
Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...
CVE-2025-53689
CVE-2025-53689 covers blind XXE in Apache Jackrabbit’s jackrabbit-spi-commons and jackrabbit-core prior to 2.23.2, due to an unsecured document build that loads privileges. Public references in the initial and connected documents indicate this affects Confluence Server/Data Center (via bundled Ja...
CVE-2025-53689 Apache Jackrabbit: XXE vulnerability in jackrabbit-spi-commons
Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...
CVE-2025-53689 Apache Jackrabbit: XXE vulnerability in jackrabbit-spi-commons
Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...
CVE-2025-53689
creationtimestamp| type| source ---|---|--- 2025-07-14 07:14:29+00:00| seen| https://seclists.org/oss-sec/2025/q3/39 2025-07-14 09:26:28+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3ltw32lq4ff2c...