CVE-2025-6438

Medium CVSS 5.9

Overview

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could
cause manipulation of SOAP API calls and XML external entities injection resulting in unauthorized file access
when the server is accessed via the network using an application account.

CWE: CWE-611 Published: 2025-07-11T09:15:24.987

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.9 (MEDIUM)
Detected tags: xxe (tag impact: MODERATE)

Recommended actions:

Disable external entities in XML parsers; use safe libraries.

Overview

Recommended tools

Tags