
CWE-91 (XML Injection (Blind XPath Injection)) — Vulnerability Class 50

50 vulnerabilities classified as CWE-91 (XML Injection (Blind XPath Injection)). AI-generated Chinese analysis included.

CWE-91, known as XML Injection or Blind XPath Injection, is a critical input validation weakness in which an application fails to neutralize special characters before placing user-supplied data into XML content or XPath queries. An attacker supplies input that contains XPath or XML syntax (quotes, operators, angle brackets) so that the injected text changes the structure of the query or document before it is processed. Depending on where the data lands, this can bypass authentication checks, expose data the user is not entitled to read, or alter application logic. The attack is called "blind" when the application returns no direct error message or query output, so the attacker must infer results from differences in application behaviour. The defence is to treat user data strictly as content rather than as query or markup syntax: validate input against an allow-list, escape or reject characters that carry XML or XPath meaning, use parameterized XPath queries (variable binding) or XML APIs that construct nodes instead of concatenating strings, and validate the resulting document against a strict schema as an additional check.

MITRE CWE Description
The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. Within XML, special elements could include reserved words or characters such as "<", ">", '"', and "&", which could then be used to add new data or modify XML syntax.
Common Consequences (1)
Scope: Confidentiality, Integrity, Availability. Impact: Execute Unauthorized Code or Commands, Read Application Data, Modify Application Data
Mitigations (1)
Phase: Implementation. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
CVE ID · Title — Product · CVSS · Severity · Published ("(AI)" marks an AI-estimated score or severity)
CVE-2026-41650 · fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters — fast-xml-parser · 6.1 · Medium · 2026-05-07
CVE-2026-41675 · xmldom: XML node injection through unvalidated processing instruction serialization — xmldom · 10.0 (AI) · Critical (AI) · 2026-05-07
CVE-2026-41674 · xmldom: XML injection through unvalidated DocumentType serialization — xmldom · 7.5 (AI) · High (AI) · 2026-05-07
CVE-2026-41672 · xmldom: XML node injection through unvalidated comment serialization — xmldom · 10.0 (AI) · Critical (AI) · 2026-05-07
CVE-2026-27693 · traccar allows XML injection in KML and GPX exports — traccar · 5.4 · Medium · 2026-05-05
CVE-2026-32870 · Kirby has XML injection in its XML creator toolkit — kirby · 7.1 (AI) · High (AI) · 2026-04-24
CVE-2026-34601 · xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion — xmldom · 7.5 · High · 2026-04-02
CVE-2026-28770 · XML injection In /IDC_Logging/checkifdone.cgi Endpoint On IDC SFX Web Management Interface Version 101 — SFX Series SuperFlex Satellite Receiver Web management interface · 5.4 (AI) · Medium (AI) · 2026-03-04
CVE-2026-1554 · Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007 — Central Authentication System (CAS) Server · 8.8 (AI) · High (AI) · 2026-02-04
CVE-2022-50902 · Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path — Wondershare FamiSafe · 8.4 · High · 2026-01-13
CVE-2025-1545 · WatchGuard Firebox XPath Injection Vulnerability in Web CGI — Fireware OS · 7.5 (AI) · High (AI) · 2025-12-04
CVE-2025-66034 · fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib — fonttools · 6.3 · Medium · 2025-11-29
CVE-2025-12921 · OpenClinica Community Edition CRF Data Import ImportCRFData xml injection — Community Edition · 4.3 · Medium · 2025-11-09
CVE-2025-7473 · XML Injection — Endpoint Central · 5.2 · Medium · 2025-10-21
CVE-2025-54251 · Adobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91) — Adobe Experience Manager · 4.3 · Medium · 2025-09-09
CVE-2025-24404 · Apache HertzBeat (incubating): RCE by parse http sitemap xml response — Apache HertzBeat (incubating) · 8.8 (AI) · High (AI) · 2025-09-09
CVE-2025-9375 · xmltodict 0.14.2 - XML Injection — xmltodict · 9.1 (AI) · Critical (AI) · 2025-09-01
CVE-2025-49538 · ColdFusion | XML Injection (aka Blind XPath Injection) (CWE-91) — ColdFusion · 7.4 · High · 2025-07-08
CVE-2024-47113 · IBM ICP - Voice Gateway XML injection — Voice Gateway · 8.1 · High · 2025-01-18
CVE-2024-13190 · ZeroWdd myblog BlogMapper.xml xml injection — myblog · 6.3 · Medium · 2025-01-08
CVE-2024-53675 · Hewlett Packard Enterprise Insight Remote Support Security Vulnerability — HPE Insight Remote Support · 7.3 · High · 2024-11-26
CVE-2024-53674 · Hewlett Packard Enterprise Insight Remote Support Security Vulnerability — HPE Insight Remote Support · 7.3 · High · 2024-11-26
CVE-2024-11622 · Hewlett Packard Enterprise Insight Remote Support Security Vulnerability — HPE Insight Remote Support · 7.3 · High · 2024-11-26
CVE-2024-42374 · XML injection in SAP BEx Web Java Runtime Export Web Service — SAP BEx Web Java Runtime Export Web Service · 8.2 · High · 2024-08-13
CVE-2023-32173 · Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability — UaGateway · 6.5 · - · 2024-05-03
CVE-2023-27328 · Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability — Desktop · 8.8 · - · 2024-05-03
CVE-2024-28109 · Potential XSLT injection vulnerability when using policy files — veraPDF-library · 8.1 · High · 2024-03-28
CVE-2023-46214 · Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing — Splunk Enterprise · 8.0 · High · 2023-11-16
CVE-2022-32755 · IBM Security Directory Server external entity injection — Security Directory Server · 5.5 · Medium · 2023-10-14
CVE-2022-4245 · Codehaus-plexus: xml external entity (xxe) injection — RHINT Camel-K-1.10.1 · 4.3 · Medium · 2023-09-25

Vulnerabilities classified as CWE-91 (XML Injection (Blind XPath Injection)) represent 50 CVEs. The CWE entry describes the weakness class only; review each individual CVE for the product-specific impact.