CVE-2023-46802 Information

Description

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser. By processing a specially crafted XML file arbitrary files on the system may be read by an attacker.

Reference

https://www.e-tax.nta.go.jp/topics/topics_20231102.htm https://jvn.jp/en/jp/JVN14762986/