Gematik Referenzvalidator has an XXE vulnerability that can lead to a Server Side Request Forgery attack

Impact The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox WstxInputFactory. A malicious XML resource can lead to network requests issued by referencevalidator and thus to a Server Side...

Gematik Referenzvalidator 代码问题漏洞

Gematik Referenzvalidator is an open source tool from gematik. It is used for advanced validation of TI applications and Contoso resources for interoperability standards. A code issue exists in Gematik Referenzvalidator that stems from the use of insecure default settings in the Woodstox...