Description
XXE issue in Airsonic before 10.1.2 during parse.
Remediation
References
https://github.com/airsonic/airsonic/blob/master/CHANGELOG.md
https://github.com/airsonic/airsonic/releases/tag/v10.2.1
Related Vulnerabilities
CVE-2022-31129 Vulnerability in maven package org.webjars.npm:moment
CVE-2021-21391 Vulnerability in npm package @ckeditor/ckeditor5-image
CVE-2022-21164 Vulnerability in npm package node-lmdb
CVE-2019-19919 Vulnerability in maven package org.webjars:handlebars
CVE-2020-29204 Vulnerability in maven package com.xuxueli:xxl-job-admin