CVE-2020-4875
IBM Cognos Controller (versions 10.4.0, 10.4.1, 10.4.2) is affected by CVE-2020-4875: an XML External Entity Injection (XXE) when processing XML data, enabling a remote attacker to expose sensitive information or exhaust memory. Remediation is to upgrade to fixed builds: 10.4.0 IF11, 10.4.1 IF12,...