XXE - Rasp Blog

RASP Protects Against the GeoServer XXE Vulnerability(CVE-2025-58360)

The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request.

Timon 3 months agoDecember 30, 2025

RASP

How RASP Protects Against the XXE Vulnerability CVE-2025-66516

XXE injection refers to a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. This, in turn, makes it possible to access files on the application server file system and, in some cases, even, achieve remote code execution.

Timon 4 months agoJanuary 10, 2026