James-Heinrich Getid3 vulnerabilities

CVE-2014-2053 [HIGH] CWE-611 getID3 is vulnerable to XML External Entity (XXE) getID3 is vulnerable to XML External Entity (XXE) getID3() before 1.9.9, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

CVE-2021-40926 [MEDIUM] CWE-79 Cross-site scripting in demos/demo.mysqli.php in getID3 Cross-site scripting in demos/demo.mysqli.php in getID3 Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.