Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
https://service.sap.com/sap/support/notes/1917054
https://exchange.xforce.ibmcloud.com/vulnerabilities/91098
https://erpscan.io/advisories/erpscan-14-003-sap-crm-gwsync-xxe/