ventrian News-ArticlesXML External Entity Injection Vulnerability
ventrian News-Articles is a backend system for publishing and managing news. An XML external entity injection vulnerability exists in the News-Articles/API/MetaWebLog/Handler.ashx.vb file in ventrian News-Articles version 00.09.11. An attacker can use this vulnerability to read arbitrary files on...