Описание
requests-xml XML External Entity Injection vulnerability
requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.
Пакеты
Наименование
requests-xml
pip
Затронутые версииВерсия исправления
<= 0.2.3
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
больше 2 лет назад
requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.