Xml Element
The application was found using the `xml.etree` package for processing XML. Pythons default xml processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity injection maybe exploitable. The `etree` package s
greprules fetch gitlab-sast-python-xml-rule-element --engine opengrepDescription
The application was found using the `xml.etree` package for processing XML. Pythons default xml processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity injection maybe exploitable. The `etree` package s
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.