CVE-2015-3000
SysAid Help Desk before 15.2 is affected by an XML Entity Expansion (XEE) vulnerability that can be triggered via requests to /agententry, /rdsmonitoringresponse, or /androidactions, allowing denial of service through large nested entity references. Root cause is improper handling of XML entities...