CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
The product uses XML documents and allows their structure to be defined with a Document Type Definition (DTD), but it does not properly control the number of recursive definitions of entities.
Official CWE-776 definition at MITREImpactr finds and proves weaknesses like CWE-776 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist