Microsoft Authorization Manager 6.1.7601 XXE Injection

Microsoft Authorization Manager version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

Continue reading...