Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

XXE

This page lists 28 vulnerabilities in this category.

Vulnerability Name
CVE
CWE
Severity
Adobe Commerce/Magento "CosmicSting" XXE (CVE-2024-34102)
CVE-2024-34102
CWE-611
Critical
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
-
CWE-611
High
JBoss Seam remoting vulnerabilities
CVE-2013-6448
CWE-611
High
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344)
CVE-2023-42344
CWE-611
High
OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346)
CVE-2023-42346
CWE-611
High
SAML Consumer Service XML entity injection (XXE)
-
CWE-611
High
Jolokia XML External Entity (XXE) vulnerability
-
CWE-611
High
SAP IGS XXE (CVE-2018-2392, CVE-2018-2393)
CVE-2018-2393
CWE-611
High
Oracle Weblogic T3 XXE (CVE-2019-2888)
CVE-2019-2888
CWE-611
High
Oracle Weblogic T3 XXE (CVE-2019-2647)
CVE-2019-2647
CWE-611
High
OpenCms Solr XML External Entity (XXE) vulnerability
-
CWE-611
High
Oracle Business Intelligence ReportTemplateService XXE (CVE-2021-2400)
CVE-2021-2400
CWE-611
High
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616
CVE-2019-2616
CWE-611
High
Oracle Business Intelligence Convert XXE CVE-2019-2767
CVE-2019-2767
CWE-611
High
JavaMelody XML External Entity (XXE) vulnerability
CVE-2018-15531
CWE-611
High
XML external entity injection (variant)
-
CWE-611
High
XML external entity injection via File Upload
-
CWE-611
High
XML External Entity Injection via external file
-
CWE-611
High
XML external entity injection
-
CWE-611
High
XML external entity injection and XML injection
-
CWE-611
High
XML entity injection
-
CWE-611
High
Ektron CMS multiple vulnerabilities
-
CWE-434
High
Zend Framework local file disclosure via XXE injection
CVE-2015-5161
CWE-611
High
XML quadratic blowup denial of service attack
-
CWE-400
High
Parallels Plesk SSO XML External Entity and Cross-site scripting
-
CWE-611
High
MantisBT multiple security issues
CVE-2015-1042
CWE-200
High
SAP BO BIP XXE (CVE-2022-28213)
CVE-2022-28213
CWE-112
High
XXE in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-22024)
CVE-2024-22024
CWE-112
Medium