CVE-2020-1693
CVE-2020-1693 affects Spacewalk up to version 2.9. It is an XML External Entity (XXE) vulnerability exposed via the /rpc/api endpoint, allowing an unauthenticated remote attacker to read files and potentially trigger a denial of service or, in some cases, execute arbitrary code on the Spacewalk s...