CVE-2023-45960 Information

Description

An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a remote attacker to obtain sensitive information via the setFeature function.

Reference

https://github.com/joker-xiaoyan/XXE-SAXReader/tree/main https://dom4j.github.io/