4 matches found
GHSA-HJM9-576Q-399P Remote Code Execution in esigate-core
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
Remote Code Execution in esigate-core
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
CVE-2018-1000854
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
CVE-2018-1000854
CVE-2018-1000854 concerns esigate.org esigate, affected up to version 5.2. The vulnerability arises from CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in the ESI directive that uses user-specified XSLT, enabling remote code execution. T...