CVE-2018-20059: Improper Restriction of XML External Entity Reference in pippo-core

Severity: Critical

CVSS Score: 9.8

jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.