Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/07 9:22 a.m.25 views

CVE-2025-2905

Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity XXE resolution in multiple WSO2 Products. A successful XXE attack could allow a remote, unauthenticated attacker to: Read sensitive files from the...

9.1CVSS6.7AI score0.01146EPSS
Exploits0References1
Circl
Circl
added 2025/05/05 9:18 a.m.30 views

CVE-2025-2905

creationtimestamp| type| source ---|---|--- 2025-05-05 09:18:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14842 2025-05-05 10:21:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3log5hwunmf2o 2025-05-05 13:01:47+00:00| seen|...

9.1CVSS4.8AI score0.01146EPSS
Exploits0References11
CVE
CVE
added 2025/05/05 9:2 a.m.196 views

CVE-2025-2905

The CVE-2025-2905 entry describes an XML External Entity (XXE) vulnerability in the WSO2 API Manager gateway component due to insufficient validation of XML input. The issue allows unauthenticated remote attackers to read server filesystem files and perform denial-of-service (DoS) attacks. Affect...

9.1CVSS6.2AI score0.01146EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/05 9:2 a.m.50 views

CVE-2025-2905 An XML External Entity (XXE) vulnerability in Multiple WSO2 Products

Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity XXE resolution in multiple WSO2 Products. A successful XXE attack could allow a remote, unauthenticated attacker to: Read sensitive files from the...

9.1CVSS0.01146EPSS
Exploits0References1
Rows per page
Query Builder