When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations allows expanding of entities to local resources. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected.
69d5afa3639558f66a8f98807a33cbb05547e69350539f5291a75ad6c03267b4