CVE-2019-3773: spring-ws: XML External Entity Injection (XXE) when receiving XML data from untrusted sources

Severity: Critical

CVSS Score: 9.8

Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.