CVE-2023-49110
CVE-2023-49110 describes an XML External Entity (XXE) injection in Kiuwan SAST when the Kiuwan Local Analyzer uploads scan results. The issue arises during server-side processing of XML files in a ZIP payload, where external XML entities are resolved. A privileged attacker who can scan source cod...