GHSA-G6WM-2V64-WQ36 LocalS3 CreateBucketConfiguration Endpoint XML External Entity (XXE) Injection
Description The LocalS3 service's bucket creation endpoint is vulnerable to XML External Entity XXE injection. When processing the CreateBucketConfiguration XML document during bucket creation, the service's XML parser is configured to resolve external entities. This allows an attacker to declare...