CVE advisoryCRITICAL
CVE-2020-25912
Symphony XML External Entity Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A critical XML External Entity (XXE) vulnerability exists in Symphony's XML processing, potentially allowing unauthenticated attackers to access sensitive information or cause denial of service. This issue is considered externally exposed, meaning it could be reachable by internet users, making an assessment of affecte