5 matches found
CVE-2025-24911
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...
CVE-2025-24911
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...
CVE-2025-24911
creationtimestamp| type| source ---|---|--- 2025-04-16 22:57:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12159 2025-04-17 02:06:28+00:00| seen| https://t.me/cvedetector/23192 2025-04-17 02:48:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmy3ryar4z2y...
CVE-2025-24911
Hitachi Vantara Pentaho Business Analytics Server prior to version 10.2.0.2 (including 9.3.x and 8.3.x) is vulnerable to an XML External Entity (XXE) exposure in the XMLParserFactoryProducer. The flaw can allow an attacker to read local files via a file:// URI defined as an external entity, and c...
CVE-2025-24911 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...