A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise session security inadvertently. The vulnerability, tracked as CVE-2026-23795, affects multiple versions of the platform and requires immediate patching. The improper restriction of XML External Entity references in
The post Apache Syncope Vulnerability Let Attackers Hijack User Sessions appeared first on Cyber Security News. Read More
Posted inNews