PostgreSQL JDBC Driver Vulnerability in PgJDBC
CVE-2020-13692
7.7 HIGH
What is CVE-2020-13692?
The PostgreSQL JDBC Driver, also known as PgJDBC, is vulnerable to XML External Entity (XXE) injection in versions prior to 42.2.13 because it handles XML input improperly. An attacker who can influence the XML data that the application parses through the driver could exploit this flaw, potentially gaining unauthorized access to sensitive data and services. Update to version 42.2.13 or later to mitigate this vulnerability.
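One way to check a build for affected driver versions is to scan dependency listings for PgJDBC releases prior to 42.2.13. This is an added example, not code from the advisory or the PgJDBC project; it assumes the driver is declared under the Maven coordinates `org.postgresql:postgresql`, and the sample lines are constructed.

```python
import re

FIXED = (42, 2, 13)  # first fixed release named in the advisory

# Assumption: PgJDBC is declared as org.postgresql:postgresql, either in
# Maven "group:artifact:jar:version:scope" or Gradle "group:artifact:version" form.
COORD = re.compile(r"org\.postgresql:postgresql:(?:jar:)?(\d[\w.\-]*)")

def parse_version(text):
    """Return the leading numeric components, ignoring suffixes such as '.jre7'."""
    numeric = re.match(r"\d+(?:\.\d+)*", text).group(0)
    parts = tuple(int(p) for p in numeric.split("."))
    return parts + (0,) * (3 - len(parts))  # pad short versions like "42.2"

def is_affected(version):
    """True when the version is prior to 42.2.13."""
    return parse_version(version) < FIXED

def find_affected(lines):
    """Return (line_number, version) for each affected PgJDBC dependency."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = COORD.search(line)
        if match and is_affected(match.group(1)):
            hits.append((number, match.group(1)))
    return hits

# Constructed sample: dependency listing lines in Maven and Gradle styles.
SAMPLE = [
    "[INFO]    org.postgresql:postgresql:jar:42.2.12:compile",
    "[INFO]    org.postgresql:postgresql:jar:42.2.13:compile",
    "implementation 'org.postgresql:postgresql:42.2.5.jre7'",
    "[INFO]    com.example:other-lib:jar:1.0.0:compile",
    "runtimeOnly 'org.postgresql:postgresql:42.3.1'",
    "[INFO]    org.postgresql:postgresql:jar:9.4.1212.jre7:runtime",
]

if __name__ == "__main__":
    for number, version in find_affected(SAMPLE):
        print(f"line {number}: PgJDBC {version} is prior to 42.2.13, update required")
```

The scan only sees declared coordinates, so a driver bundled inside a shaded or repackaged JAR needs a separate check of the archive contents.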