Posted by SEC Consult Vulnerability Lab on Oct 31
SEC Consult Vulnerability Lab Security Advisory < 20141031-0 >
=======================================================================
title: XML External Entity Injection (XXE) and Reflected XSS
product: Scalix Web Access
vulnerable version: 11.4.6.12377 and 12.2.0.14697
fixed version: –
impact: Critical
homepage: http://www.scalix.com/
found: 2014-08-27…