A CWE-94: Improper Control of Generation of Code (โCode Injectionโ) vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an applicationโs processing of XML data.