CWE-91 · XML Injection (Blind XPath Injection)

128 CVEs classified under CWE-91 (XML Injection (Blind XPath Injection)). Browse by severity and year.

Top CVEs for CWE-91
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2021-4140 | Critical | 10.0 | 2022-12-22 | It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96… |
| CVE-2024-51136 | Critical | 9.8 | 2024-11-04 | An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via suppl… |
| CVE-2023-43187 | Critical | 9.8 | 2023-09-27 | A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitra… |
| CVE-2019-19450 | Critical | 9.8 | 2023-09-20 | paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element i… |
| CVE-2021-37154 | Critical | 9.8 | 2021-08-25 | In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion. |
| CVE-2020-29128 | Critical | 9.8 | 2020-11-26 | petl before 1.68, in some configurations, allows resolution of entities in an XML document. |
| CVE-2020-25216 | Critical | 9.8 | 2020-09-17 | yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. |
| CVE-2020-11535 | Critical | 9.8 | 2020-04-15 | An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-contr… |
| CVE-2015-6970 | Critical | 9.8 | 2020-02-18 | The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injectio… |
| CVE-2020-0646 | Critical | 9.8 | 2020-01-14 | A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Inje… |
| CVE-2019-8158 | Critical | 9.8 | 2019-11-06 | An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to p… |
| CVE-2013-4857 | Critical | 9.8 | 2019-10-25 | D-Link DIR-865L has PHP File Inclusion in the router xml file. |
| CVE-2019-17626 | Critical | 9.8 | 2019-10-16 | ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with `'<span color="…` |
| CVE-2019-16941 | Critical | 9.8 | 2019-09-28 | NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used wit… |
| CVE-2019-14277 | Critical | 9.8 | 2019-07-26 | Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the… |
| CVE-2013-7429 | Critical | 9.8 | 2017-09-14 | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php. |
| CVE-2020-8479 | Critical | 9.4 | 2020-04-29 | For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI… |
| CVE-2021-38948 | Critical | 9.1 | 2021-11-02 | IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit… |
| CVE-2021-36033 | Critical | 9.1 | 2021-09-01 | Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Mod… |
| CVE-2021-36028 | Critical | 9.1 | 2021-09-01 | Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a conf… |