Critical severityNVD Advisory· Published Aug 29, 2020· Updated May 5, 2025
CVE-2020-25020
CVE-2020-25020
Description
MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.sf.mpxj:mpxjMaven | < 8.1.4 | 8.1.4 |
Affected products
2- MPXJ/MPXJdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-wcp5-m52f-mhh5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-25020ghsaADVISORY
- github.com/joniles/mpxj/pull/178/commits/c3e457f7a16facfe563eade82b0fa8736a8c96f9ghsax_refsource_MISCWEB
- github.com/joniles/mpxj/releases/tag/v8.1.4ghsaWEB
- www.oracle.com/security-alerts/cpujan2021.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.