Security restricted: Attachments of type xml are not allowedIssue The issue came as Qualys Host Detection Integration failure with notes: "TypeError: Cannot convert null to an object."Already followed KB0869521 but it didn't help. The problem is not with Qualys, as the integration works correctly on the other instances.SymptomsError in log: 2025-05-07 04:05:59 (478) worker.6 worker.6 txid=47f2236ac3d1 JobExecutor Completed: ASYNC: Run process on insert in 0:00:59.178, next occurrence is null, id=cff2ef6ac3d16e1087f63fbf05013131 tr=0 pr=100 re=0 po=1746615900 la=0.293 2025-05-07 04:05:59 (447) worker.6 worker.6 txid=47f2236ac3d1 SSI_054d5d389f60020034c6b6a0942e70db WARNING *** WARNING *** sn_vul (VulnerabilityIntegrationController): Encountered error running integration process VINTPRC0200367: TypeError: Cannot convert null to an object. at sys_script_include.bb2a7dcb9f21120034c6b6a0942e70f4.script:40 at sys_script_include.d69e2184ff900300c68c9f783894face.script:62 at sys_script_include.054d5d389f60020034c6b6a0942e70db.script:117 at sys_script_include.054d5d389f60020034c6b6a0942e70db.script:50 Show all 7 lines 2025-05-07 04:05:59 (441) worker.6 worker.6 txid=47f2236ac3d1 SSI_054d5d389f60020034c6b6a0942e70db SEVERE *** ERROR *** sn_vul (VulnerabilityIntegrationController): Caught error while validating data, integration process VINTPRC0200367 TypeError: Cannot convert null to an object. at sys_script_include.bb2a7dcb9f21120034c6b6a0942e70f4.script:40 at sys_script_include.d69e2184ff900300c68c9f783894face.script:62 at sys_script_include.054d5d389f60020034c6b6a0942e70db.script:117 at sys_script_include.054d5d389f60020034c6b6a0942e70db.script:50 Show all 7 lines 2025-05-07 04:05:59 (437) worker.6 worker.6 txid=47f2236ac3d1 SSI_bb2a7dcb9f21120034c6b6a0942e70f4 SEVERE *** ERROR *** com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog at [row,col {unknown-source}]: [1,0] org.apache.axiom.om.OMException: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog at [row,col {unknown-source}]: [1,0] at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:297) Show all 94 lines 2025-05-07 04:05:58 (993) worker.6 worker.6 txid=47f2236ac3d1 SSI_bb2a7dcb9f21120034c6b6a0942e70f4 WARNING *** WARNING *** Get for non-existent record: sys_attachment:null, initializing 2025-05-07 04:05:58 (985) worker.6 worker.6 txid=47f2236ac3d1 SSI_d69e2184ff900300c68c9f783894face WARNING *** WARNING *** Security restricted: File type is not allowed or does not match the content for file Qualys Host Detection Integration_2025-05-07 11:05:00.xml 2025-05-07 04:05:58 (985) worker.6 worker.6 txid=47f2236ac3d1 SSI_d69e2184ff900300c68c9f783894face WARNING *** WARNING *** Security restricted: Attachments of type xml are not allowed ReleaseThis issue can happen on any release.CauseExclude XML attachments (set glide.security.attachment_type.use_blacklist=true and glide.attachment.blacklisted.extensions=xml), it's no longer possible to do XML imports, the errors seen in the logs:WARNING *** Security restricted: Attachments of type xml are not allowedWARNING *** Security restricted: File type is not allowed or does not match the content for file response.xml So, restricting the attachment file type results in restrictions on importing data, including update sets.The reason: we are using same Attachment code to check the restrictions for both importing data, uploading attachments, and uploading filesResolutionThe workaround is to remove the value "xml" from the system_property : "glide.attachment.blacklisted.extensions"