Apache Syncope XML External Entity Injection Vulnerability
Apache Syncope is an open source system for managing digital identities in enterprise environments, implemented using Java EE technology and released under the Apache 2.0 license. Apache Syncope suffers from an XML external entity injection vulnerability. An administrator with workflow definition...