Security Advisory
CVE-2022-2131
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack.