CVE-2022-45194 Information

Description

CBRN-Analysis before 22 allows XXE attacks via am mws XML document leading to NTLMv2-SSP hash disclosure.

Reference

https://zigrin.com/advisories/cbrn-analysis-external-xml-entity-injection/