CVE-2020-6856
CVE-2020-6856 affects SOS JobScheduler’s JOC Cockpit (versions 1.12 and 1.13.2). The issue is an XML External Entity (XEE) vulnerability where an entity declaration in XML used to specify runtime settings for jobs/orders can cause an attacker to read server files. Connected sources consistently d...