libxml_disable_entity_loader(true) is never called in mahara, which means that xml functionalities are vulnerable to http://projects.webappsec.org/w/page/13247003/XML%20External%20Entities
can be fixed by adding libxml_disable_entity_loader(true) in init.
Reported by Mike Haworth.
libxml_ disable_ entity_ loader( true) is never called in mahara, which means that xml functionalities are vulnerable to http:// projects. webappsec. org/w/page/ 13247003/ XML%20External% 20Entities
can be fixed by adding libxml_ disable_ entity_ loader( true) in init.
Reported by Mike Haworth.