CVE 6.9 MEDIUM

xmltodict 0.14.2 – XML Injection_CVE-2025-9375

September 1, 2025 invoker category_cve
6.9 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Description

XML Injection vulnerability in xmltodict allows Input Data Manipulation.This issue affects xmltodict: 0.14.2.

Basic Information

ID CVE-2025-9375
Source Fluid Attacks
Published Sep 1, 2025 at 16:43

Affected Product

Vendor xmltodict
Product xmltodict
Version 0.14.2
Affected Versions xmltodict xmltodict 0.14.2

CWE Classification

CWE-91

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.