What the vulnerability does

01Description

Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.

Key dates

02Disclosure timeline

July 29, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE