CVE-2014-8590

XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.

Date published : 2014-11-04

http://www.securityfocus.com/bid/71023

http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/