2021-10-07 06:24:36
Ping Identity
PUBLISHED
Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.