Apache · Apache Xerces-C Xml Parser · CVE-2022-2838
**Name of the Vulnerable Software and Affected Versions**
Eclipse Sphinx versions prior to 0.13.1
**Description**
Eclipse Sphinx parsed XML with the Apache Xerces XML parser without disabling the resolution of external entities, an XML External Entity (XXE) weakness. An attacker who can supply a crafted XML document can inject arbitrary entity definitions in its DOCTYPE; the parser then reads local files and the contents are exposed by being sent over HTTP.
**Recommendations**
For Eclipse Sphinx versions prior to 0.13.1, update to version 0.13.1 or later to resolve the issue. If updating is not immediately possible, configure the Xerces parser to reject DOCTYPE declarations or, at a minimum, to disable the resolution of external general and parameter entities and the loading of external DTDs, and parse only XML from trusted sources until the patch is applied.