The vulnerability of the `com.ilient.agentApi.LshwAgent#doPost` method in the SysAid hardware and software support and control automation software allows attackers to perform XXE attacks.
The vulnerability of the com.ilient.agentApi.LshwAgentdoPost method in SysAid’s automation software for supporting and controlling hardware and software systems is related to incorrect restrictions on XML links to external objects during the processing of the /lshw endpoint. Exploiting this...