Microsoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.
>> ARCHIVE: 2018-07
Fortify Software Security Center (SSC) 17.x/18.1 – XML External Entity Injection
Microsoft Enterprise Mode Site List Manager – XML External Entity Injection
http://pao-roiet.go.th/m-1.html notified by moncet
http://www.foodsanitation.bangkok.go.th/0.html notified by 0N3R1D3R
http://enconfund.go.th notified by Turkz.Org
macOS and iOS suffer from a javascript injection bug in OfficeImporter.
Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.
Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.
OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.