XXE Vulnerability in SaveUserSettings service in SDL Web 8.5.0 allows reading sensitive files

XXE Vulnerability in SaveUserSettings service in SDL Web 8.5.0 allows reading sensitive files

CVE-2018-19371 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

Learn more about our Web App Pen Testing.