CVE-2025-52162

Medium CVSS: 6.5

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. This vulnerability allows attackers to access sensitive data via providing a crafted XML input.

Vendor

Product

CWE

CWE-611

Yayın Tarihi

2025-07-18 17:15:44

Güncelleme

2025-07-22 13:06:27

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-611 MEDIUM 2025

Referanslar

http://agorum.com https://herolab.usd.de/security-advisories/usd-2025-0024/