CVE-2025-2776

⚠ KEVEPSS 62.6%

SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability

Added to CISA KEV: 7/22/2025

Description

SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.

Affected packages (0)

No package mapping in OSV.