Medium CVSS 6.5

Overview

agorum Software GmbH Agorum core open v11.9.2 and v11.10.1 were discovered to contain an XML External Entity (XXE) vulnerability in the RSSReader endpoint. This vulnerability allows attackers to access sensitive data by providing crafted XML input.

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.5 (MEDIUM)
  • Detected tags: xxe (tag impact: MODERATE)

Recommended actions:

  • Disable external entities in XML parsers; use safe libraries.
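
One way to apply this recommendation to an RSS reader is sketched below as an added example; it is not agorum's code and not part of the original advisory. It uses Python's standard-library expat bindings to reject any feed that carries a DOCTYPE or entity declaration before element content is processed. The names feed_item_titles and UnsafeFeedError are hypothetical, and both sample feeds are constructed.

```python
import xml.parsers.expat as expat

class UnsafeFeedError(ValueError):
    """Raised when a feed is malformed or uses DTD/entity features."""

# Constructed sample inputs (not taken from the advisory).
SAFE_FEED = b"""<?xml version="1.0"?>
<rss version="2.0"><channel><title>Demo</title>
<item><title>First post</title></item>
<item><title>Second post</title></item>
</channel></rss>"""

HOSTILE_FEED = b"""<?xml version="1.0"?>
<!DOCTYPE rss [<!ENTITY x SYSTEM "file:///constructed/placeholder">]>
<rss version="2.0"><channel><item><title>&x;</title></item></channel></rss>"""

def _forbid(kind):
    # Build a handler that aborts parsing as soon as expat reports `kind`.
    def handler(*_args):
        raise UnsafeFeedError(f"{kind} is not allowed in a feed")
    return handler

def feed_item_titles(xml_bytes):
    """Return <item><title> texts; reject DTDs, entities and malformed XML."""
    titles, path, buf = [], [], []
    parser = expat.ParserCreate()
    # RSS needs no DTD, so refuse the declaration itself, not only its use.
    parser.StartDoctypeDeclHandler = _forbid("DOCTYPE")
    parser.EntityDeclHandler = _forbid("entity declaration")
    parser.ExternalEntityRefHandler = _forbid("external entity reference")

    def start(name, _attrs):
        path.append(name)
        if path[-2:] == ["item", "title"]:
            buf.clear()
    def chars(data):
        if path[-2:] == ["item", "title"]:
            buf.append(data)
    def end(_name):
        if path[-2:] == ["item", "title"]:
            titles.append("".join(buf).strip())
        path.pop()
    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    try:
        parser.Parse(xml_bytes, True)
    except expat.ExpatError as exc:
        raise UnsafeFeedError(f"malformed feed: {exc}") from exc
    return titles
```

Rejecting the DOCTYPE outright is stricter than only disabling external entity resolution, and it also blocks internal entity expansion.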