### [CVE-2021-3836](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3836)
![](https://img.shields.io/static/v1?label=Product&message=dbeaver%2Fdbeaver&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%2021.2.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-611%20Improper%20Restriction%20of%20XML%20External%20Entity%20Reference&color=brighgreen)

### Description

dbeaver is vulnerable to Improper Restriction of XML External Entity Reference

### POC

#### Reference
- https://huntr.dev/bounties/a98264fb-1930-4c7c-b774-af24c0175fd4

#### Github
No PoCs found on GitHub currently.