BMC Smart Reporting version 7.3 20180418 suffers from an XML external entity injection vulnerability.
6536109e0769a8776234090cb04b9f1ec1423d5b3cba0b53476bf8dd5cbe1c28
Enghouse Interactive's CCSP version 7.2.5 suffers from API related XML external entity injection server-side request forgery vulnerabilities.
151c76794d4ccd4d9aa596491adf39a0dabc0dbec6080ead52560069382aa6ef