CVE-2023-32635

Name of the Vulnerable Software and Affected Versions XBRL data create application versions 7.0 and earlier

Description The issue is related to the improper restriction of XML external entity references (XXE) in the XBRL data create application. This allows an attacker to read arbitrary files on the system by processing a specially crafted XBRL file.

Recommendations For versions 7.0 and earlier, consider disabling the XBRL file processing feature until a patch is available to prevent potential exploitation of the XXE issue. Restrict access to sensitive files and directories to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.