CVE-2025-2905 | WSO2 API Manager up to 2.0.0 XML Parser xml external entity reference

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability, which was classified as critical, has been found in WSO2 API Manager up to 2.0.0. Affected by this issue is some unknown functionality of the component XML Parser. The manipulation leads to xml external entity reference. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is handled as CVE-2025-2905. The attack may be launched remotely. There is no exploit available.

CVE-2025-2905 | WSO2 API Manager up to 2.0.0 XML Parser xml external entity reference

Post correlati

CVE-2023-46218 | cURL up to 8.4.0 Cookie lib/cookie.c Curl_cookie_add information disclosure

CVE-2024-13775 | vanquish WooCommerce Support Ticket System Plugin up to 17.8 on WordPress authorization

CVE-2023-7279 | Secure Systems Engineering Connaisseur up to 3.3.0 Delegation Name targets_schema.json redos (ID 1407)

CVE-2015-10123 | WAGO Controller BACnet IP up to FW13 Packets buffer overflow (VDE-2023-039)