CVE-2018-14485 BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd. Source: NIST CVE-2018-14485 May 7, 2019 by admin Uncategorized