I found an XXE vulnerability in one of the apps that using Apache POI for
excel upload, although I'm not sure if it's the same XXE that was
previously known because I've seen online an XXE was found on Apache POI.
If you can provide me with an environment, online upload endpoint where I
can test if it's working on the latest or known, so I can report all the
details and get a CVE assigned to it