An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4Referenceshttps://support.broadcom.com/external/content/SecurityAdvisories/0/21136
