{“lastseen”:””,”description”:”IBM Business Automation Workflow containers V25.0.0 through V25.0.0-IF007, V24.0.1 – V24.0.1-IF007, V24.0.0 – V24.0.0-IF007 and IBM Business Automation Workflow traditional V25.0.0, V24.0.1, V24.0.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A\u00a0remote attacker could exploit this vulnerability to expose sensitive information or consume memory\u00a0resources.”,”published”:”2026-02-02T20:56:48.318Z”,”modified”:”2026-02-02T20:56:48.318Z”,”type”:”cve”,”title”:”XML eXternal Entity injection (XXE) vulnerability affect IBM Business Automation Workflow -“,”source”:”ibm”,”references”:”https:\/\/www.ibm.com\/support\/pages\/node\/7259321″,”id”:”CVE-2025-13096″,”bulletinFamily”:””,”cwe”:[“CWE-918″],”cvelist”:null,”sourceData”:”IBM Business Automation Workflow containers V25.0.0\\nIBM Business Automation Workflow containers V24.0.1\\nIBM Business Automation Workflow containers V24.0.0\\nIBM Business Automation Workflow traditional 25.0.0\\nIBM Business Automation Workflow traditional 24.0.1\\nIBM Business Automation Workflow traditional 24.0.0″,”sourceHref”:””,”cvss”:{“score”:7.1,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:L”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Business Automation Workflow containers”,”version”:”V25.0.0″,”vendor”:”IBM”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”IBM Business Automation Workflow containers V25.0.0 through V25.0.0-IF007, V24.0.1 – V24.0.1-IF007, V24.0.0 – V24.0.0-IF007 and IBM Business Automation Workflow traditional V25.0.0, V24.0.1, V24.0.0 is vulnerable…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,50,12,15,13,7,11,5],"class_list":["post-38602","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-71","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n