CVE-2018-1730
IBM QRadar SIEM is vulnerable to XML External Entity (XXE) injection when processing XML data. Affected versions are QRadar SIEM 7.2.0–7.2.8 Patch 13 and 7.3.0–7.3.1 Patch 6. The root cause is improper handling of external XML entities, enabling a remote attacker to exfiltrate sensitive informati...