neo4j-apoc-procedures is susceptible to XML external entity injection (XXE). The vulnerability is caused due to the way XML parser processes XML input containing a reference to an external entity using a weak configuration.
CPE | Name | Operator | Version |
---|---|---|---|
neo4j-apoc-procedure | le | 3.4.03 | |
neo4j-apoc-procedure | le | 3.4.03 |