Description
IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018.
Remediation
References
Related Vulnerabilities
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1850)
WordPress Plugin Slider Hero with Animation, Video Background Cross-Site Scripting (8.4.3)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)
WordPress Plugin Qiniu Cloudtuchuang Cross-Site Scripting (1.8)