XML External Entities (XXE)
gateway-service-admin is vulnerable to XML external entities XXE attacks. The vulnerability exists due to the improper default configuration in XMLInputFactory where external entities were not disabled, allowing them to be specified and disclosed when parsed...