Vigil@nce - Vigil@nce - Python Pikepdf: external XML entity injection via XMP Metadata Entries, analyzed on 09/04/2021
June 2021 by Vigil@nce
Vigil@nce - An attacker can transmit malicious XML data via XMP Metadata Entries to Python Pikepdf, in order to read a file, scan sites, or trigger a denial of service.
Plus d'information sur : https://vigilance.fr/vulnerability/Python-Pikepdf-external-XML-entity-injection-via-XMP-Metadata-Entries-35049