XML Entity Injection Vulnerability in oscshop2 Backend
oscshop2 is an open source free B2C mall system designed using thinkphp5, including micro-channel cell phone, follow the Apache2 open source agreement release. oscshop2 backend XML entity injection vulnerability exists . Attackers can use the vulnerability to obtain sensitive information...