GHSA-534c-hcr7-67jg: Kimai has an XXE Leading to Local File Read
Kimai uses PHPSpreadsheet for importing and exporting invoices. Recently, a CVE was identified in PHPSpreadsheet, which could lead to an XXE vulnerability.
References
Detect and mitigate GHSA-534c-hcr7-67jg with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →