[HIGH] Kimai has an XXE Leading to Local File Read

PKSA-xxx2-wfk5-mvc4 GHSA-534c-hcr7-67jg

Affected package: kimai/kimai

Affected version: <=2.20.1

Reported by:
GitHub