CVE-2019-11392
BlogEngine.NET 3.3.7 and earlier are affected by an XXE via an apml file to the syndication.axd endpoint. Root cause: external entity processing in the app. Impact: potential exposure of sensitive data. Affected versions: 3.3.7 and earlier. Remediation: disable the syndication.axd endpoint until ...