You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vulnerable Package issue exists @ Maven-dom4j:dom4j-1.6.1 in branch master
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document.
To resolve this issue - upgrade to version 2.0.3 or 2.1.1. Please note: the package name was changed to org.dom4j:dom4j on version 2.0.0.
Vulnerable Package issue exists @ Maven-dom4j:dom4j-1.6.1 in branch master
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document.
To resolve this issue - upgrade to version 2.0.3 or 2.1.1. Please note: the package name was changed to org.dom4j:dom4j on version 2.0.0.
Namespace: joaoreis-cx
Repository: test1
Repository Url: https://github.com/joaoreis-cx/test1
CxAST-Project: joaoreis-cx/test1
CxAST platform scan: dbacae2d-4523-4573-84eb-ddb0f615a9bb
Branch: master
Application: test1
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-91
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
References
Commit
Issue
Advisory
Disclosure
The text was updated successfully, but these errors were encountered: