CVE-2023-7307
CVE-2023-7307 affects Sangfor Behavior Management System (DC Management System). The vulnerability is an XML external entity (XXE) injection in the /src/sangforindex endpoint caused by improper XML parser configuration, allowing a remote, unauthenticated attacker to submit crafted XML that can di...