0.097 Low
EPSS
Percentile
94.8%
ladon is vulnerable to XML external entity. Attackers who can send SOAP messages to the Ladon webservice via the HTTP interface can exploit the ulnerability to read local files, forge server side requests or crash the application.
bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688
www.exploit-db.com/exploits/43113