XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966.Referenceshttp://www.securityfocus.com/archive/1/535826/100/800/threadedhttp://seclists.org/fulldisclosure/2015/Jun/62https://erpscan.io/advisories/erpscan-15-004-sap-netweaver-portal-xmlvalidationcomponent-xxe/http://packetstormsecurity.com/files/132356/SAP-NetWeaver-Portal-7.31-XXE-Injection.html
