Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay #1653
This module exploits the SAP NetWeaver BW XML External Entity vulnerability. An XML External Entities (XXE) issue exists within the XMLA service (XML DOCTYPE) function. The XXE vulnerability in SAP BW can lead to arbitrary file reading or an SMBRelay attack.
SAP Note 1597066 / DSECRG-12-033.