0.001 Low
EPSS
Percentile
24.1%
An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution.
syncope.apache.org/security#CVE-2018-17186:_XXE_on_BPMN_definitions