VYPR

Maven package

org.opennms.core/org.opennms.core.xml

pkg:maven/org.opennms.core/org.opennms.core.xml

Vulnerabilities (1)

  • CVE-2023-0871Aug 11, 2023
    affected >= 31.0.8, < 32.0.2fixed 32.0.2

    XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external ser