CVE-2024-51132 Information

Description

An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities.

Reference

https://github.com/hapifhir/org.hl7.fhir.core https://github.com/JAckLosingHeart/CVE-2024-51132-POC