Description
An XML External Entity (XXE) vulnerability exists in wuta jox 1.16 in the readObject method in JOXSAXBeanInput.
Remediation
References
https://novysodope.github.io/2021/10/29/64/
Related Vulnerabilities
CVE-2021-21391 Vulnerability in npm package @ckeditor/ckeditor5-engine
CVE-2018-5673 Vulnerability in maven package org.apache.geronimo.plugins:dojo
CVE-2023-30518 Vulnerability in maven package io.jenkins.plugins:thycotic-secret-server
CVE-2023-30547 Vulnerability in npm package vm2
CVE-2023-6563 Vulnerability in maven package org.keycloak:keycloak-model-jpa