CVE-2025-66372

Published November 28th, 2025

View on NVD ↗

CVSS v3

2.8

LOW

CVSS v2

N/A

Affected

1

PROJECT

Description

Mustang before 2.16.3 allows exfiltrating files via XXE attacks.

ZUGFeRD/mustangproject

Open Source Java e-Invoicing library, validator and tool (Factur-X/ZUGFeRD, UNCEFACT/CII XRechnung)

GitHub

426