Srikanthprathi

**Name of the Vulnerable Software and Affected Versions** requests-xml version 0.2.3 **Description** The issue allows attackers to execute arbitrary code via a crafted XML file, exploiting an XML External Entity Injection (XXE) vulnerability. **Recommendations** For version 0.2.3, update to a version that fixes the XML External Entity Injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** py-xml version 1.0 **Description** The issue allows attackers to execute arbitrary code via a crafted XML file, exploiting an XML External Entity Injection (XXE) vulnerability. **Recommendations** For py-xml version 1.0, consider disabling the XML parsing functionality until a patch is available to prevent exploitation of the XXE vulnerability.