XXE Vulnerability in Bluecat Device Registration Portal (DRP) CVE-2023-23595 Summary Bluecat device registration portal / Bluecat DRP version 2 is vulnerable to information leakage via XML External Entity Injection / XXE Tested on version 22 Version 2 is no longer supported by the vendor I was only able to extract single line files - /etc/issuenet for example This appears