The vulnerability of Microsoft SQL Server Management Studio’s database management tool lies in the insufficient restriction on XML references to external objects, which allows attackers to exploit this to disclose sensitive information.

The vulnerability of the Microsoft SQL Server Management Studio SSMS database management tool is related to insufficient restrictions on XML references to external objects XML External Entity, XXE. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information using a...