{"id":66027,"date":"2025-07-11T14:32:01","date_gmt":"2025-07-11T11:02:01","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-6438-apache-soap-xml-external-entity-reference-vulnerability\/"},"modified":"2025-07-11T14:32:01","modified_gmt":"2025-07-11T11:02:01","slug":"cve-2025-6438-apache-soap-xml-external-entity-reference-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-6438-apache-soap-xml-external-entity-reference-vulnerability\/","title":{"rendered":"CVE-2025-6438 &#8211; Apache SOAP XML External Entity Reference Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-6438<br \/>\n<br \/>\n<strong>Published : <\/strong> July 11, 2025, 9:15 a.m. | 58\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could<br \/>\ncause manipulation of SOAP API calls and XML external entities injection resulting in unauthorized file access<br \/>\nwhen the server is accessed via the network using an application account.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 6.8 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-6438 Published : July 11, 2025, 9:15 a.m. | 58\u00a0minutes ago Description : CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external entities injection resulting in unauthorized file access when the server is accessed via the network using an application &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-66027","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66027","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=66027"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66027\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=66027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=66027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=66027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}