0.002 Low
EPSS
Percentile
59.9%
wiremock is vulnerable to directory traversal through XML External Entity (XXE) attacks. The application does not disable DTD during XPATH Evaluation, allowing a malicious user to traverse the directory.
github.com/tomakehurst/wiremock/commit/4c6dfde82a5ee91c5f47bf353f5099d11692db39
groups.google.com/forum/#%21topic/wiremock-user/PQ1UQzKZVl0