XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NSalesforce Mule
APPSalesforce3.0.0 – 4.3.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XXE
CWE
Related vulnerabilities
CVE-2021-1626CRITICAL9.8ten sam produkt
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime compon...
CVE-2021-1627CRITICAL9.8ten sam produkt
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime ...
CVE-2021-1628CRITICAL9.8ten sam produkt
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime co...
CVE-2026-22582CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (MicrositeUrl)
CVE-2026-22583CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (CloudPagesUrl)