A XML External Entity vulnerability combined with an authenticated OS command injection in SysAid on-prem allows unauthenticated remote attackers to leak arbitrary files wich may lead to the execution of OS system commands.
CVE Link
Exploit Platform
Exploit Type
Product Name