XML External Entity (XXE) Injection Vulnerability in SAP Identity Management 7.2 and 8.0

CVE-2018-2416 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:P

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.

Learn more about our Web Application Penetration Testing UK.