CVE-2025-35112 – Agiloft XML External Entities (XXE)

CVE ID : CVE-2025-35112

Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 22 minutes ago

Description : Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows ‘import/export’, allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…