CVE-2022-34001
Unit4 ERP (up to v7.9) is affected by a XXE vulnerability in the ExecuteServerProcessAsynchronously path. The root cause is an XML External Entity injection in that component, enabling potential disclosure of sensitive data via network-exposed input. Public details in connected sources confirm th...