The vulnerability in the GetMdmMessage class of SysAid software allows attackers to perform XXE attacks.
The vulnerability in the GetMdmMessage class of the SysAid software for supporting and controlling hardware and software systems is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...