Pattern: Import of xml.etree.ElementTree module
Issue: -
Parsing untrusted XML data with the methods in these modules is known to be
vulnerable to XML attacks. Replace the vulnerable imports with the equivalent
from the defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
This rule checks for the following imports:
xml.etree.cElementTree
xml.etree.ElementTree
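
The check described above can be reproduced over a source file with Python's ast module. This is an added example, not the rule's own implementation; the function names and the sample source are assumptions made for illustration, and the defuse_stdlib() detection only matches the literal spelling defusedxml.defuse_stdlib().

```python
import ast

# Modules this rule flags (taken from the rule text above).
FLAGGED = {"xml.etree.ElementTree", "xml.etree.cElementTree"}

def find_flagged_imports(source):
    """Return sorted (line, module) pairs for imports the rule would report."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            # import xml.etree.ElementTree [as ET]
            for alias in node.names:
                if alias.name in FLAGGED:
                    hits.add((node.lineno, alias.name))
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            if node.module in FLAGGED:
                # from xml.etree.ElementTree import parse
                hits.add((node.lineno, node.module))
            else:
                # from xml.etree import ElementTree
                for alias in node.names:
                    full = node.module + "." + alias.name
                    if full in FLAGGED:
                        hits.add((node.lineno, full))
    return sorted(hits)

def calls_defuse_stdlib(source):
    """True if the source contains a call spelled defusedxml.defuse_stdlib()."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            func = node.func
            if (isinstance(func, ast.Attribute) and func.attr == "defuse_stdlib"
                    and isinstance(func.value, ast.Name)
                    and func.value.id == "defusedxml"):
                return True
    return False

# Constructed sample input, not taken from any real project.
SAMPLE = '''\
import xml.etree.ElementTree as ET
from xml.etree import cElementTree
from xml.etree.ElementTree import fromstring
import defusedxml.ElementTree as SafeET
'''

if __name__ == "__main__":
    for line, module in find_flagged_imports(SAMPLE):
        print(f"line {line}: import of {module}")
    print("defuse_stdlib() called:", calls_defuse_stdlib(SAMPLE))
```

The defusedxml.ElementTree import on line 4 of the sample is not reported, which is the replacement the rule text recommends.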