CVE-2020-36641

Name of the Vulnerable Software and Affected Versions gturri aXMLRPC versions up to 1.12.0

Description A vulnerability was found in the ResponseParser function of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference.

Recommendations For gturri aXMLRPC versions up to 1.12.0, upgrade to version 1.12.1 or higher to address this issue. As a temporary workaround, consider disabling the ResponseParser function until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation.