XML External Entity (XXE) Vulnerability in Python's plistlib Module
CVE-2022-48565 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Learn more about our External Network Penetration Testing.