Skip to main content

CWE-643

Improper Neutralization of Data within XPath Expressions ('XPath Injection')

11 CVEs Avg CVSS 6.6 MITRE
1
CRITICAL
3
HIGH
7
MEDIUM
0
LOW
2
POC
0
KEV

Monthly

CVE-2026-44962 CRITICAL PATCH Act Now

Local privilege escalation in Plesk's APS Application Catalog allows an authenticated low-privileged user to execute arbitrary operating system commands by injecting malicious XPath syntax into the catalog search functionality. The flaw carries a critical CVSS 3.1 score of 9.9 due to scope change and full CIA impact, and no public exploit identified at time of analysis. The advisory was disclosed via HackerOne and acknowledged in a Plesk support article, but EPSS and KEV signals are not provided in the available intelligence.

Privilege Escalation
NVD
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-40699 HIGH PATCH This Week

Information disclosure in F5 BIG-IP Configuration utility allows low-privileged authenticated attackers to access sensitive information through undisclosed pages, affecting the confidentiality of administrative data without requiring user interaction or privileged credentials beyond standard authentication.

Information Disclosure Big Ip
NVD VulDB
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-24343 HIGH This Week

Apache HertzBeat versions 1.7.1 through 1.8.0 contain an XPath injection vulnerability that allows authenticated attackers to manipulate XPath queries and potentially extract or modify sensitive data. An attacker with valid credentials can exploit this flaw to bypass access controls and execute arbitrary XPath expressions against the application's XML data stores. Affected users should upgrade to version 1.8.0 immediately as no patch is currently available for earlier versions.

Apache Hertzbeat
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-20218 MEDIUM Monitor

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to retrieve sensitive information from an. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Secure Firewall Management Center
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2022-43840 MEDIUM This Month

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Aspera Console
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-39565 HIGH PATCH This Week

An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required.

Code Injection Juniper J Web Junos
NVD
CVSS 4.0
7.7
EPSS
0.5%
CVE-2024-2648 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.7%
CVE-2024-2645 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-36433 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2023-36429 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
2.0%
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

Local privilege escalation in Plesk's APS Application Catalog allows an authenticated low-privileged user to execute arbitrary operating system commands by injecting malicious XPath syntax into the catalog search functionality. The flaw carries a critical CVSS 3.1 score of 9.9 due to scope change and full CIA impact, and no public exploit identified at time of analysis. The advisory was disclosed via HackerOne and acknowledged in a Plesk support article, but EPSS and KEV signals are not provided in the available intelligence.

Privilege Escalation
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Information disclosure in F5 BIG-IP Configuration utility allows low-privileged authenticated attackers to access sensitive information through undisclosed pages, affecting the confidentiality of administrative data without requiring user interaction or privileged credentials beyond standard authentication.

Information Disclosure Big Ip
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Apache HertzBeat versions 1.7.1 through 1.8.0 contain an XPath injection vulnerability that allows authenticated attackers to manipulate XPath queries and potentially extract or modify sensitive data. An attacker with valid credentials can exploit this flaw to bypass access controls and execute arbitrary XPath expressions against the application's XML data stores. Affected users should upgrade to version 1.8.0 immediately as no patch is currently available for earlier versions.

Apache Hertzbeat
NVD
EPSS 0% CVSS 4.9
MEDIUM Monitor

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to retrieve sensitive information from an. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Aspera Console
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required.

Code Injection Juniper J Web +1
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Application Security Gateway
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Application Security Gateway
NVD GitHub VulDB
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy