An issue in openCRX v.5.2.2 allows a remote attacker to read internal files and execute server side request forgery attack via insecure DocumentBuilderFactory.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.opencrx:opencrx-client(Maven) | 0 | 5.3.0 | N/A |
CVSS Metrics
