Peri0D

**Name of the Vulnerable Software and Affected Versions** ebookmeta versions prior to 1.2.8 **Description** An XML External Entity (XXE) vulnerability in the `ebookmeta.get metadata` function allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. **Recommendations** For versions prior to 1.2.8, update to version 1.2.8 or later to resolve the issue. As a temporary workaround, consider disabling the `ebookmeta.get metadata` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** lxml versions prior to 4.9.1 **Description** An XML External Entity (XXE) vulnerability in the `ebookmeta.get metadata` function allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. **Recommendations** For versions prior to 4.9.1, update to version 4.9.1 or later to resolve the issue. As a temporary workaround, consider disabling the `ebookmeta.get metadata` function until a patch is available.