XML External Entity Document Builder Factory High

Objects that parse or handle XML data can lead to XML External Entity (XXE) attacks when not configured properly. Improper restriction of XML external entity processing can lead to server-side request forgery and information disclosure.

Detector ID
java/xml-external-entity-document-builder-factory@v1.0
Category
Common Weakness Enumeration (CWE) external icon