CVE-2025-1225 | ywoa up to 2024.07.03 WXCallBack Interface XMLParse.java extract xml external entity reference (IBI81R)

A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. This issue affects the function extract of the file c-main/src/main/java/com/redmoon/weixin/aes/XMLParse.java of the component WXCallBack Interface. The manipulation leads to xml external entity reference.

The identification of this vulnerability is CVE-2025-1225. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1225 | ywoa up to 2024.07.03 WXCallBack Interface XMLParse.java extract xml external entity reference (IBI81R)

Related Posts

CVE-2024-13289 | Drupal Cookiebot and GTM up to 1.0.17 cross site scripting

CVE-2024-1351 | MongoDB Server up to 4.4.28/5.0.24/6.0.13/7.0.5 tls.CAFile certificate validation (SERVER-72839)

CVE-2024-2116 | Christmas Greetings Plugin up to 1.2.5 on WordPress cross site scripting

CVE-2024-23856 | Cups Easy 1.0 URL itemlist.php cross site scripting