CVE-2025-52162 | THREATINT

Description

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. This vulnerability allows attackers to access sensitive data via providing a crafted XML input.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-18 | Updated 2025-07-18 | Assigner mitre

References

agorum.com

herolab.usd.de/security-advisories/usd-2025-0024/

cve.org (CVE-2025-52162)

nvd.nist.gov (CVE-2025-52162)

Download JSON