CVE-2019-1903
CVE-2019-1903 affects Cisco Security Manager and is caused by improper restriction of XML entities, enabling XML External Entity (XXE) injection. An unauthenticated remote attacker can submit malicious XML to read local files (information disclosure) or exhaust resources (DoS). Exploitation is de...