CVE-2021-41411 Information

Description

drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly resulting in the XXE injection vulnerability.

Reference

https://github.com/kiegroup/drools/pull/3808