XML External Entity (XXE)

org.apache.xmlgraphics, fop-core is vulnerable to XML External Entity Reference XXE. The vulnerability is due to the application's failure to properly configure XML parsers and restrict the processing of external entities, allowing an attacker to exploit external entity references without adequat...