XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data. Likelihood: LOW Confidence: MEDIUM CWE: - CWE-611: Improper Restriction of XML External Entity Reference
OWASP: - A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration
xmldocument-unsafe-parser-override
XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data. Likelihood: LOW Confidence: MEDIUM CWE: - CWE-611: Improper Restriction of XML External Entity Reference
OWASP: - A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration
xmlreadersettings-unsafe-parser-override
XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data. Likelihood: LOW Confidence: MEDIUM CWE: - CWE-611: Improper Restriction of XML External Entity Reference
OWASP: - A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration