Security
Audit
expat-xxe
expat-xxe
If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-611: Improper Restriction of XML External Entity Reference
OWASP:
- A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration