CVE-2017-8918
XXE in Blackwave Dive Assistant – Desktop Edition 8.0 (Dive Assistant Template Builder) allows an attacker to view local files via a crafted template.xml. The vulnerability is XML External Entity (XXE) injection in the template builder that processes XML templates, enabling local-file disclosure....