6.9 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.7%
An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318.
github.com/Wechat-Group/WxJava/commit/8ec61d1328f50e23cd14285a950ca57a088b32b2
github.com/Wechat-Group/WxJava/issues/903
github.com/Wechat-Group/WxJava/issues/903#issuecomment-453747039
nvd.nist.gov/vuln/detail/CVE-2019-5312