5 matches found
CVE-2025-24910
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...
CVE-2025-24910
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...
CVE-2025-24910
creationtimestamp| type| source ---|---|--- 2025-04-16 22:57:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12160 2025-04-17 02:06:24+00:00| seen| https://t.me/cvedetector/23191 2025-04-17 02:48:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmy3rxtajk2j...
CVE-2025-24910
Hitachi Vantara Pentaho Business Analytics Server prior to 10.2.0.2 (including 9.3.x and 8.3.x) is affected by an XML External Entity (XXE) vulnerability in MessageSourceCrawler. The issue allows an attacker to cause the application to read local files via a file:// entity, and can also trigger o...
CVE-2025-24910 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
Overview XML documents optionally contain a Document Type Definition DTD, which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the...