CVE-2026-38429 | OpenCMS up to 20 Import DB xml external entity reference

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in OpenCMS up to 20. It has been classified as problematic. Affected by this issue is some unknown functionality of the component Import DB. This manipulation causes xml external entity reference.

The identification of this vulnerability is CVE-2026-38429. It is possible to initiate the attack remotely. There is no exploit available.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-38429 | OpenCMS up to 20 Import DB xml external entity reference

Post correlati

CVE-2024-13511 | Variation Swatches for WooCommerce Plugin up to 1.3.2 on WordPress Setting cross-site request forgery

CVE-2024-23586 | HCL Nomad Server on Domino up to 1.0.12 session expiration (KB0115264)

CVE-2026-2945 | JeecgBoot 3.9.0 uploadImgByHttp fileUrl server-side request forgery

CVE-2025-0297 | code-projects Online Book Shop 1.0 /detail.php id sql injection