A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-09-25T19:20:57.329Z
Updated: 2024-08-03T01:34:49.896Z
Reserved: 2022-12-01T06:39:39.475Z
Link: CVE-2022-4245
Vulnrichment
Updated: 2024-08-03T01:34:49.896Z
NVD
Status : Modified
Published: 2023-09-25T20:15:10.400
Modified: 2024-05-03T16:15:08.987
Link: CVE-2022-4245
Redhat