Medium severity5.0OSV Advisory· Published Dec 24, 2025· Updated Apr 15, 2026
CVE-2024-58335
CVE-2024-58335
Description
OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow-doctype-decl feature is not enabled in visualization/VisualizerImpl.java.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2020-08-27, 2020-08-28, 2020-11-02, …
- Range: <= 2024-10-05-3.0.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.