org.xmlunit: xmlunit-core is vulnerable to Arbitrary Code Execution. The vulnerability is due to enabling XSLT extension transformation functions by default within TransformerFactoryConfigurer.java
, which could allows attackers to execute arbitrary code during XSLT transformations if an application parses untrusted XSLT files.