microsoft / vsts-authentication-library-for-java

Retrieve OAuth2 or Personal Access Tokens for Visual Studio Team Services (visualstudio.com) accounts. Also provides secure storage for those secrets on different platforms.
MIT License
18 stars 20 forks

XML External Entity Injection #22

Open QiAnXinCodeSafe opened 5 years ago

QiAnXinCodeSafe commented 5 years ago

Hello: We found a problem with XML External Entity Injection in vsts-authentication-library-for-java.

com.microsoft.alm.storage.InsecureFileBackend.java

[screenshot] [screenshot]

XML external entities are not disabled when parsing the XML. When parsing XML controlled by the attacker, there is an XML external entity injection risk.