CVE-2017-17762

XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt