Security Advisory
CVE-2019-11519
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.