The host is installed with JetBrains IntelliJ IDEA before 2022.3 and is prone to an XML External Entity (XXE) vulnerability. A flaw is present in the application, which fails to handle unspecified vector. Successful exploitation allows attackers to cause an XXE attack leading to SSRF via requests to custom plugin repositories was possible.