CVE-2025-36049
IBM webMethods Integration Sever XML external entity injection
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15
is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
IBM · webMethods Integration Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →