From cdbd3f767336ac81ae9252110eda7e6f185adc69 Mon Sep 17 00:00:00 2001
From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Date: Thu, 26 Mar 2026 09:13:07 +0000
Subject: [PATCH] fix: resolve CodeQL alert #32 - XML internal entity expansion

---
 vulnerable_xxe.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vulnerable_xxe.py b/vulnerable_xxe.py
index b9fc887..ce832b0 100644
--- a/vulnerable_xxe.py
+++ b/vulnerable_xxe.py
@@ -1,4 +1,4 @@
-import xml.etree.ElementTree as ET
+import defusedxml.ElementTree as ET
 from flask import Flask, request
 from lxml import etree
 import xml.sax