EPSS
Percentile
59.2%
mpxj is vulnerable to XML external entity attacks. The XMLFilter is configured with external DTDs by default, allowing an attacker to perform XXE attacks to access system files or perform requests on behalf of the server.
github.com/joniles/mpxj/pull/178
github.com/joniles/mpxj/pull/178/commits/c3e457f7a16facfe563eade82b0fa8736a8c96f9
www.oracle.com/security-alerts/cpujan2021.html