id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
19286	[PATCH] External entities are resolved when parsing tagging presets	hiddewie	team	"This problem can cause a security vulnerability if users use tagging presets from an untrusted source.

By having a preset installed that references an XML external entity, information from the local system may be disclosed. Also see https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing and https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html.

Also added some tests for the other (safe) XML utility methods that already worked safely."	defect	closed	normal	20.06	Core		fixed	security external