Lordoza

**Name of the Vulnerable Software and Affected Versions** IBM Security Access Manager for Enterprise Single Sign-On version 8.2.2 **Description** The issue allows a remote attacker to expose sensitive information or consume memory resources through an XML External Entity Injection (XXE) attack when processing XML data. **Recommendations** For IBM Security Access Manager for Enterprise Single Sign-On version 8.2.2, consider disabling XML data processing until a patch is available to prevent XXE attacks. Restrict access to sensitive information and monitor memory resources to minimize the risk of exploitation.