GHSA-rc57-9r3x-98cq, CVE-2021-41411
maven/org.drools/drools-core
XML External Entity Reference in drools
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java
. The Validator class is not used correctly, resulting in the XXE injection vulnerability.
All versions up to 7.59.0.final
Upgrade to version 7.60.0.Final or above.
2022-06-19
source |