PT-2013-36: XML External Entity Injection in Wonderware Win-XML Exporter
Positive Research Center experts have discovered "XML External Entity Injection" vulnerability in Wonderware Win-XML Exporter. If an attacker manages to make a victim open a project that contains specially crafted XML, Wonderware Win-XML Exporter will automatically send the contents of local or...