CVE-2024-2374 | WSO2 API Manager XML Parser xml external entity reference

Inserito da Angelo Barbosa | Apr 16, 2026 | CVE

A vulnerability marked as problematic has been reported in WSO2 API Manager, Identity Server, Open Banking AM, Open Banking IAM and Identity Server as Key Manager. Affected by this vulnerability is an unknown functionality of the component XML Parser. This manipulation causes xml external entity reference.

This vulnerability is tracked as CVE-2024-2374. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2024-2374 | WSO2 API Manager XML Parser xml external entity reference

Post correlati

CVE-2024-26369 | FastDDS v2.12.x, 2.6.x/2.10.x/2.11.x/2.12.x HistoryQosPolicy denial of service (Issue 4365)

CVE-2024-43156 | AddonMaster Post Grid Master Plugin up to 3.4.10 on WordPress cross site scripting

CVE-2025-7069 | HDF5 1.14.6 src/H5FSsection.c H5FS__sect_link_size heap-based overflow (Issue 5550)

CVE-2024-41806 | Open edX Platform AWS S3 Bucket information disclosure (GHSA-4528-7fh6-x75c)