netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file.
CPE | Name | Operator | Version |
---|---|---|---|
netbeans-mmd-plugin | eq | 1.4.3 |