CVE-2018-1000526
The CVE-2018-1000526 entry concerns OpenPSA with an XML Injection vulnerability in the RSS upload feature, caused by a vulnerable XML processing path. The related Veracode document notes that openpsa/midcom uses an outdated PHP version and calls the insecure method xml_parse_into_struct, which ca...