CVE-2025-68493 | Apache Struts up to 2.3.37/2.5.33/6.1.0 SAXParserFactory xml external entity reference (S2-069)

Inserito da Angelo Barbosa | Gen 11, 2026 | CVE

A vulnerability identified as problematic has been detected in Apache Struts up to 2.3.37/2.5.33/6.1.0. This affects an unknown function of the component SAXParserFactory. This manipulation causes xml external entity reference.

This vulnerability is tracked as CVE-2025-68493. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2025-68493 | Apache Struts up to 2.3.37/2.5.33/6.1.0 SAXParserFactory xml external entity reference (S2-069)

Post correlati

CVE-2025-5209 | Ivory Search Plugin up to 5.5.9 on WordPress Setting cross site scripting

CVE-2024-23513 | PropertyHive Plugin up to 2.0.5 on WordPress deserialization

CVE-2024-56525 | pkp OJS/OMP/OPS prior 3.3.0.21/3.4.0.8 User XML Plugin backdoor

CVE-2024-34153 | Intel RAID Web Console uncontrolled search path (intel-sa-00926)