Vulnerability Name CVE Severity
Adobe Commerce/Magento "CosmicSting" XXE (CVE-2024-34102) CVE-2024-34102
Ektron CMS multiple vulnerabilities
JavaMelody XML External Entity (XXE) vulnerability CVE-2018-15531
JBoss Seam remoting vulnerabilities CVE-2013-6447 CVE-2013-6448
Jolokia XML External Entity (XXE) vulnerability
MantisBT multiple security issues CVE-2014-9571 CVE-2014-9572 CVE-2014-9573 CVE-2014-9624 CVE-2015-1042
OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346) CVE-2023-42346
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344) CVE-2023-42344
OpenCms Solr XML External Entity (XXE) vulnerability
Oracle Business Intelligence Convert XXE CVE-2019-2767
Oracle Business Intelligence ReportTemplateService XXE (CVE-2021-2400) CVE-2021-2400
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616
Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647
Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888
Parallels Plesk SSO XML External Entity and Cross-site scripting
SAML Consumer Service XML entity injection (XXE)
SAP BO BIP XXE (CVE-2022-28213) CVE-2022-28213
SAP IGS XXE (CVE-2018-2392, CVE-2018-2393) CVE-2018-2393
XML entity injection
XML external entity injection
XML external entity injection (variant)
XML external entity injection and XML injection
XML External Entity Injection via external file
XML external entity injection via File Upload
XML quadratic blowup denial of service attack
XXE in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-22024) CVE-2024-22024
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
Zend Framework local file disclosure via XXE injection CVE-2012-3363 CVE-2015-5161