IBM Operational Decision Manager External Entity Injection (CVE-2018-1821)
An XML external entity XXE injection vulnerability exist in IBM Operational Decision. The vulnerability is due to a failure to properly handle external entity references in XML files. A remote attacker could exploit this vulnerability by enticing a target user into opening a crafted XML file with...