CVE-2023-32635 Information

Description

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XBRL file arbitrary files on the system may be read by an attacker.

Reference

https://jvn.jp/en/jp/JVN44726469/ https://submit2.edinet-fsa.go.jp/