Description
IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2011-0421)
Oracle Application Server Other Vulnerability (CVE-2001-1216)
Joomla! Core SQL Injection (1.7.0 - 3.9.15)
WordPress Ultimate Member Plugin CVE-2020-36170 Vulnerability (CVE-2020-36170)
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)