CVE-2023-32639

Name of the Vulnerable Software and Affected Versions Applicant Programme versions 7.06 and earlier

Description The issue is related to the improper restriction of XML external entity references (XXE) in the Applicant Programme. This allows an attacker to read arbitrary files on the system by processing a specially crafted XML file.

Recommendations For versions 7.06 and earlier, consider disabling XML external entity references until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.