An issue discovered in OpenKM v6.3.10 allows malicious users to obtain sensitive information via the XMLTextExtractor function.
openkm openkm 6.3.10