Local file disclosure via XXE injection in Zend_XmlRpc

PKSA-4dxf-7w4v-7w6m

Affected package: zendframework/zendframework1

Affected version: >=1.0.0,<1.11.13

Reported by:
FriendsOfPHP/security-advisories