CVE-2018-1000840
The CVE-2018-1000840 entry is confirmed: Processing Foundation Processing versions 3.4 and earlier are affected by an XML External Entity (XXE) vulnerability in the loadXML() function. This flaw allows an attacker to read arbitrary files and exfiltrate their contents via HTTP requests, exploitabl...