Vulnerability Details CVE-2023-31890
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-31890
-
cpe:2.3:a:glazedlists:glazed_lists:1.11.0