DNN version 9.1 suffers from a cross site scripting issue that can be achieved via an XML vulnerability.
524165c60ed031fcefc4fdd7b52e564af0f4bd3450ce057e38a1662da131284e
BlogEngine version 3.3 suffers from an XML external entity injection vulnerability.
81c346a488af94a4a6e50a7ba4ba5ee7fc1f737b31b6ae0ecbd0220b1a149de6