Lucene search

K
cvelistRedhatCVELIST:CVE-2015-0254
HistoryMar 09, 2015 - 2:00 p.m.

CVE-2015-0254

2015-03-0914:00:00
redhat
www.cve.org

9.3 High

AI Score

Confidence

High

0.07 Low

EPSS

Percentile

94.0%

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.

References