从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞名称:XXE vulnerability in XSLT transforms in 2. 严重性:High (8.6 / 10) 3. 受影响的版本: - (Maven):< 1.6.22 - (Maven):< 1.6.22 4. 已修复的版本:1.6.22 5. 描述: - XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag ( ) could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.publisher is being used to within a host where external clients can submit XML. 6. 漏洞利用: - This issue has been patched as of version 1.6.22 7. 工作绕过: - None 8. 参考链接: - MITRE CWE - OWASP XML External Entity Prevention Cheat Sheet 这些信息可以帮助理解漏洞的性质、影响范围以及如何修复和绕过。