CVE-2018-19371
CVE-2018-19371 concerns the SDL Web Content Manager (Build 8.5.0) where the SaveUserSettings web service is vulnerable to an XML External Entity (XXE) injection. The underlying issue allows an attacker to read sensitive files from the server, leveraging XML values passed to the SaveUserSettings e...