neha.elsa-george

JasperReports uses an old iText version to create reports. The iText version in use has reached End of Life. iText 2 is no longer developed or supported, which means no security updates will be provided. This version in use is vulnerable to an XML external entities (XXE) attack. JasperReports contains a vulnerability that might allow attackers to gain full control of a web interface and perform attacks on other users of the application. Does ant one has any solution to this issue?