CVE-2026-53723: CWE-20: Improper Input Validation in guzzle guzzle-services
Guzzle Services provides an implementation of the Guzzle Command library that uses Guzzle service descriptions to describe web services, serialize requests, and parse responses into easy-to-use model structures. Versions prior to 1.5.4 do not safely serialize scalar XML element values containing the CDATA terminator `]]>`. The XML request serializer writes values containing `<`, `>`, or `&` with `XMLWriter::writeCData($value)`. If attacker-controlled input contains `]]>`, the CDATA section closes early and the remainder is interpreted as XML markup. This is an outgoing request-body integrity issue, not a response parsing issue. The attacker does not need to control the service description or schema. Users are affected when all of the following are true: the application uses `guzzlehttp/guzzle-services` to serialize outgoing requests; a request parameter or `additionalParameters` schema uses `location: xml`; the value is serialized as XML element text, not an XML attribute; the value can contain attacker-controlled, user-controlled, tenant-controlled, or otherwise untrusted input; the value is not constrained by a safe `enum`, `pattern`, or custom filter that excludes `]]>`; and the downstream service parses the generated XML structurally and may act on unexpected, duplicated, or injected elements. Applications that serialize untrusted input into `location: xml` request parameters can emit XML containing attacker-controlled elements outside the intended text node. Depending on the receiving service, this can alter operation semantics, smuggle privileged fields, bypass modeled parameter boundaries, or create conflicting duplicated elements. A fixed service description is sufficient for exposure if it contains an XML element parameter populated from attacker-controlled input. Users are not directly affected if they only use Guzzle Services to deserialize HTTP response bodies.
Response XML parsing uses the response XML location visitor and does not invoke the vulnerable request XML serializer. Response bodies matter only in a second-order flow, such as parsing attacker-controlled response XML, storing or forwarding a parsed string value, and later using it as a `location: xml` request parameter. The issue is patched in `1.5.3` and later by safely splitting embedded CDATA terminators before serialization. The fix preserves the original scalar value as XML text and prevents injected nodes. As a workaround, constrain attacker-controlled XML element values with a strict `enum`, `pattern`, or custom filter that excludes `]]>`, or avoid serializing untrusted data into `location: xml` element text until patched. XML attributes, where the service schema uses them, are not affected because they are written with XMLWriter attribute APIs rather than CDATA sections. To determine whether action is needed, search service descriptions for request parameters using `location: xml`, including operation `parameters` and `additionalParameters`. Response-only `models` are not directly affected unless parsed values are reused for request serialization. For object and array parameters, review nested scalar properties because leaf element values can still be affected.
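The early-closing CDATA section described above and the split-terminator fix, as an added PHP example that is not guzzle-services' own code: the element and function names are constructed, and the safe writer shows the general splitting technique, which is an assumption about how the fix works rather than the project's exact patch.

```php
<?php
// Added example (not guzzle-services' own code): a single-CDATA writer, the
// behaviour the advisory describes, beside one that splits "]]>". Assumes
// ext-xmlwriter and ext-dom; element and function names are constructed.
// Unsafe: one CDATA section; "]]>" in the value ends it early, rest is markup.
function writeElementUnsafe(XMLWriter $w, string $name, string $value): void
{
    $w->startElement($name);
    $w->writeCData($value);
    $w->endElement();
}

// Safe: split on "]]>" so "]]" closes one section and ">" opens the next;
// the parsed text is byte-for-byte the original value.
function writeElementSafe(XMLWriter $w, string $name, string $value): void
{
    $w->startElement($name);
    $chunks = explode(']]>', $value);
    $last = count($chunks) - 1;
    foreach ($chunks as $i => $chunk) {
        $w->writeCData(($i > 0 ? '>' : '') . $chunk . ($i < $last ? ']]' : ''));
    }
    $w->endElement();
}

function buildBody(callable $writeElement, string $value): string
{
    $w = new XMLWriter();
    $w->openMemory();
    $w->startElement('Request');
    $writeElement($w, 'Comment', $value);
    $w->endElement();
    return $w->outputMemory();
}

// Parse as a downstream service would: element nodes inside <Comment> and its text.
function inspect(string $xml): array
{
    $doc = new DOMDocument();
    $doc->loadXML($xml);
    $comment = $doc->getElementsByTagName('Comment')->item(0);
    return ['elements' => $comment->getElementsByTagName('*')->length, 'text' => $comment->textContent];
}

// Constructed input: an ordinary string that happens to carry a terminator.
$value = 'ok]]><Injected/><![CDATA[';
$unsafe = inspect(buildBody('writeElementUnsafe', $value));
$safe = inspect(buildBody('writeElementSafe', $value));
printf("unsafe: %d element(s) inside Comment\nsafe: %d element(s), round-trip %s\n",
    $unsafe['elements'], $safe['elements'], $safe['text'] === $value ? 'ok' : 'FAILED');
```

The same `inspect()` check, run against bodies your own description generates for each `location: xml` parameter, is a quick way to confirm that no element nodes appear inside a text-valued element after patching.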
AI Analysis
Technical Summary
Guzzle Services prior to version 1.5.4 improperly serializes scalar XML element values containing the CDATA terminator ']]>' in outgoing requests. The XML request serializer uses XMLWriter::writeCData($value) for values containing special characters, but if the input contains ']]>', the CDATA section closes prematurely, and the remainder is interpreted as XML markup. This allows attacker-controlled input to inject XML elements outside the intended text node, potentially altering operation semantics or bypassing parameter boundaries in the downstream service. The vulnerability requires that the application uses guzzlehttp/guzzle-services to serialize outgoing requests with parameters located in XML element text, and that the input is attacker-controlled and not constrained by safe filters. The issue is patched in version 1.5.3 and later by safely splitting embedded CDATA terminators before serialization, preserving the original scalar value as XML text and preventing node injection. Workarounds include constraining input to exclude ']]>' or avoiding serialization of untrusted data into XML element text until patched.
Potential Impact
The vulnerability can lead to injection of attacker-controlled XML elements in outgoing request bodies, potentially altering the semantics of operations, smuggling privileged fields, bypassing modeled parameter boundaries, or creating conflicting duplicated elements in the downstream service. There is no direct impact on confidentiality or availability, but the integrity of outgoing XML requests can be compromised. The vulnerability does not affect response parsing unless attacker-controlled response data is later reused in requests. The CVSS score is 5.8 (medium severity) with no confidentiality impact, limited integrity impact, and no availability impact.
Mitigation Recommendations
A fix is available in guzzle-services version 1.5.3 and later, which safely handles embedded CDATA terminators during XML serialization. Users should upgrade to version 1.5.3 or newer to remediate this issue. As a temporary workaround, constrain attacker-controlled input for XML element text parameters to exclude the CDATA terminator sequence ']]>' using strict enums, patterns, or custom filters. Alternatively, avoid serializing untrusted data into XML element text parameters with location: xml until patched. Review service descriptions for request parameters using location: xml to identify affected inputs. XML attributes are not affected by this vulnerability.
CVSS v3.1
Score: 5.8 (medium)
Affected software
pkg:composer/guzzle/guzzle-services
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-06-10T16:43:31.242Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a2ac2f3815e7002b8f50211
Added to database: 6/11/2026, 2:15:15 PM
Last enriched: 6/11/2026, 2:30:36 PM
Last updated: 6/11/2026, 7:13:35 PM