Improper Restriction of XML External Entity Reference
WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL.
Advisories for Maven/Com.github.wxpay/Wxpay-Sdk package
2022
WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL.