📦 Cocoon

This CVE describes an XXE (XML External Entity) vulnerability in Apache Cocoon that allows attackers to read arbitrary files from the server or perform server-side request forgery. It affects all Apac...

This SQL injection vulnerability in Apache Cocoon allows attackers to execute arbitrary SQL commands on affected systems. It affects Apache Cocoon versions 2.2.0 through 2.3.0 (excluding 2.3.0). Organ...

This vulnerability allows attackers to guess continuation identifiers in Apache Cocoon due to insufficiently random seed values, potentially accessing unauthorized continuations. All versions of Apach...