CVE-2025-36603 Information

Description

Dell AppSync version(s) 4.6.0.0 contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability leading to Information disclosure and Information tampering.

Reference

https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities

Related CNNVD

CNNVD-202507-2675 (Published: 2025-07-21)