You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vulnerable Package issue exists @ Maven-dom4j:dom4j-1.6.1 in branch master
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document.
To resolve this issue - upgrade to version 2.0.3 or 2.1.1. Please note: the package name was changed to org.dom4j:dom4j on version 2.0.0.
Vulnerable Package issue exists @ Maven-dom4j:dom4j-1.6.1 in branch master
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document.
To resolve this issue - upgrade to version 2.0.3 or 2.1.1. Please note: the package name was changed to org.dom4j:dom4j on version 2.0.0.
Namespace: SamHeadrickCx
Repository: easybuggy4sb
Repository Url: https://github.com/SamHeadrickCx/easybuggy4sb
CxAST-Project: SamHeadrickCx/easybuggy4sb
CxAST platform scan: 3776f006-a82c-4067-99d1-88d4ec11b623
Branch: master
Application: easybuggy4sb
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-91
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
References
Commit
Issue
Advisory
Disclosure
The text was updated successfully, but these errors were encountered: