CVE-2013-0505
IBM Sterling Order Management is affected by CVE-2013-0505 through multiple older release lines: 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13. The vulnerability is an XPath injection allowing remote authenticated users to read arbitrary XML files vi...