xenon-commons is vulnerable to remote code execution (RCE) attacks. These attacks are possible because inbound requests of Content-Type: kryo-octet-stream
are deserialized when getBody
is called. Using this flaw, unauthenticated users can execute code.