writeups.xyz / OpenOlat - XML external entity (XXE) injection (CVE-2024-28198)

Submitter : c2a

Date: 12 March 2024

Bounty : undisclosed

Vulnerabilities :

• XXE
• Security Code Review

Programs :

• OpenOlat

Authors :

• Maik

Link :
https://secfault-security.com/blog/openolat-xxe.html