Description
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Remediation
References
https://github.com/glazedlists/glazedlists/issues/709
Related Vulnerabilities
CVE-2011-4367 Vulnerability in maven package org.apache.myfaces.core:myfaces-core-project
CVE-2022-21169 Vulnerability in npm package express-xss-sanitizer
CVE-2018-19907 Vulnerability in maven package org.craftercms:crafter-engine
CVE-2022-25758 Vulnerability in npm package scss-tokenizer
CVE-2023-1454 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-common