PT-2026-48844
Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 4.2.2 Apache CXF versions prior to 4.1.7 Description The EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the required JAXP hardening configurations. This allows for...