https://stoeps.de/tags/advisory/ Recent content in Advisory on Hugo -- gohugo.io en christoph.stoettner@stoeps.de (Christoph Stoettner) christoph.stoettner@stoeps.de (Christoph Stoettner) &copy; 2026 Christoph Stöttner - This work is licensed under [CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/) <span class='footerimg'><img src='https://mirrors.creativecommons.org/presskit/icons/cc.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'><img src='https://mirrors.creativecommons.org/presskit/icons/by.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'><img src='https://mirrors.creativecommons.org/presskit/icons/sa.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'></span> Fri, 26 Sep 2025 18:00:00 +0200 https://stoeps.de/posts/2025/hcl_connections_is_vulnerable_for_cve-2025-54988/ Fri, 26 Sep 2025 18:00:00 +0200 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2025/hcl_connections_is_vulnerable_for_cve-2025-54988/ <p>HCL published the <a href="https://support.hcl-software.com/csm?id=kb_article&amp;sysparm_article=KB0124266" target="_blank" rel="noreferrer">Security Bulletin: HCL Connections is affected by an XML External Entity (XXE) vulnerability in Apache Tika (CVE-2025-54988)</a> that Connections is also vulnerable for <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-54988" target="_blank" rel="noreferrer">CVE-2025-54988</a>!</p>