lava is vulnerable to Denial Of Service (DoS). The vulnerability exists because the users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive memory use on the server and application crashes.Read More