Dromara · Dromara Hutool · CVE-2023-24162
**Name of the Vulnerable Software and Affected Versions**
Dromara Hutool version 5.8.11
**Description**
A deserialization issue allows an attacker to execute arbitrary code via the `XmlUtil.readObjectFromXml` method. This potentially enables the attacker to gain control over the system.
**Recommendations**
For Dromara Hutool version 5.8.11, consider disabling use of the `XmlUtil.readObjectFromXml` method as a temporary workaround until a patch is available. Restrict access to this method to minimize the risk of exploitation.
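
To apply the workaround you first need to know where the method is reachable. The following is an added example, not part of the original advisory or the Hutool project: it scans a source tree for Maven dependencies on Hutool 5.8.11 and for `readObjectFromXml` call sites. It assumes Maven builds using Hutool's `cn.hutool` groupId; the function names and sample inputs are constructed for illustration.

```python
import re
from pathlib import Path

AFFECTED_VERSION = "5.8.11"  # version named in this advisory
CALL = re.compile(r"\breadObjectFromXml\s*\(")
DEPENDENCY = re.compile(r"<dependency>(.*?)</dependency>", re.S)

def _tag(xml, name):
    m = re.search(rf"<{re.escape(name)}>\s*([^<\s]+)\s*</{re.escape(name)}>", xml)
    return m.group(1) if m else None

def _resolve(version, pom):
    # Follow a ${property} reference into the POM's <properties> section.
    m = re.fullmatch(r"\$\{(.+)\}", version or "")
    return _tag(pom, m.group(1)) if m else version

def scan_pom(pom):
    """Return Hutool artifactIds (groupId cn.hutool) pinned to the affected version."""
    hits = []
    for dep in DEPENDENCY.findall(pom):
        version = _resolve(_tag(dep, "version"), pom)
        if _tag(dep, "groupId") == "cn.hutool" and version == AFFECTED_VERSION:
            hits.append(_tag(dep, "artifactId"))
    return hits

def scan_java(source):
    """Return 1-based line numbers with a readObjectFromXml call (comments kept for triage)."""
    return [n for n, line in enumerate(source.splitlines(), 1) if CALL.search(line)]

def audit(root):
    """Walk a source tree and return (path, finding) pairs for review."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.name == "pom.xml":
            findings += [(str(path), f"{a} {AFFECTED_VERSION}")
                         for a in scan_pom(path.read_text(errors="replace"))]
        elif path.suffix == ".java":
            findings += [(str(path), f"readObjectFromXml call, line {n}")
                         for n in scan_java(path.read_text(errors="replace"))]
    return findings

# Constructed sample inputs (not from the advisory).
SAMPLE_POM = """<project><properties><hutool.version>5.8.11</hutool.version></properties>
<dependencies><dependency><groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId><version>${hutool.version}</version></dependency>
</dependencies></project>"""
SAMPLE_JAVA = 'class Import {\n  Object load(String body) {\n    return XmlUtil.readObjectFromXml(body);\n  }\n}\n'

if __name__ == "__main__":
    print(scan_pom(SAMPLE_POM), scan_java(SAMPLE_JAVA))
```

Each reported call site should be reviewed for whether its XML argument can come from an untrusted source. Versions inherited from a parent POM or BOM are not resolved by this sketch.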