CVE-2025-10713

Name of the Vulnerable Software and Affected Versions WSO2 products (affected versions not specified)

Description An issue exists where the XML parser is improperly configured. The application processes user-provided XML data without adequate restrictions, potentially allowing the resolution of external entities. A remote, unauthenticated attacker could exploit this to read sensitive files from the server or cause a denial-of-service condition. The vulnerability involves improper configuration of the XML parser and the parsing of user-supplied XML data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.