com.glazedlists:glazedlists is vulnerable to Arbitrary Code Execution. The vulnerability exists in the decode
method of BeanXMLByteCoder
, which allows a remote attacker to inject and execute arbitrary code because the decode
method parses the XML string without any checks, resulting in improper XML deserialization.