You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hutool provides XML utility classes that may be vulnerable to remote code execution when using XmlUtil.readObjectFromXml to interpret untrusted XML strings
Detailed
The program will call XMLDecoder.readObject to parse the XML string, causing a deserialization vulnerability
Desc
Hutool provides XML utility classes that may be vulnerable to remote code execution when using XmlUtil.readObjectFromXml to interpret untrusted XML strings
Detailed
The program will call XMLDecoder.readObject to parse the XML string, causing a deserialization vulnerability
cn.hutool.core.util.XmlUtil#readObjectFromXml
Attack
The text was updated successfully, but these errors were encountered: