CVE-2023-46502: OpenCRX allows a remote attacker to execute arbitrary code via a crafted request

Severity: Critical

CVSS Score: 9.8

An issue in openCRX v.5.2.2 allows a remote attacker to read internal files and execute server side request forgery attack via insecure DocumentBuilderFactory.