CVE-2018-16252
FsPro Labs Event Log Explorer 4.6.1.2115 is affected by an XML External Entity (XXE) injection in the .elx FileType, due to a flaw in the elex.exe handling of crafted ELX files. An attacker can trigger local file disclosure by opening a malicious .elx file, as demonstrated in public writeups. The...