mpxj is vulnerable to information disclosure. A local authenticated attacker is able to read the contents of temporary files or directories when File.createTempFile(..)
is used to create those files, resulting in disclosure of sensitive information.