CVE-2018-17186
CVE-2018-17186 affects Apache Syncope (admin/workflow entitlements) where XML External Entity (XXE) via DTD in workflow definitions allows an attacker to read/write files and execute code. Multiple sources (CNVD/NVD/OSV/Veracode/GHSA) describe the vulnerability as involving DTD processing to perf...