OpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability. Continue reading...