CVE-2023-49733

Name of the Vulnerable Software and Affected Versions Apache Cocoon versions 2.2.0 through 2.2.x before 2.3.0 Apache Cocoon version 2.2.0

Description The issue is related to an Improper Restriction of XML External Entity Reference, which allows users to inject malicious code into XML documents. This can lead to Remote Code Execution (RCE). Users are advised to upgrade to a fixed version to resolve the issue.

Recommendations For Apache Cocoon versions 2.2.0 through 2.2.x before 2.3.0, upgrade to version 2.3.0, which fixes the issue. For Apache Cocoon version 2.2.0, upgrade to version 2.3.0, which fixes the issue.