CVE-2024-8010
The CVE-2024-8010 entry concerns an XML External Entity (XXE) injection in WSO2 API Manager where XML input accepted through the publisher does not disable external entity resolution. This allows a remote attacker to read confidential files from the product’s filesystem or access limited HTTP res...