CVE-2019-13990: libquartz: XXE attacks via job description

Severity: Critical

CVSS Score: 9.8

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.