EPSS
Percentile
73.6%
esigate-core is vulnerable to remote code execution (RCE). The ESIGate supports esi:include tag along with stylesheet attribute which would allow a remote attacker to execute code on the server with a user specified XSLT.
esi:include
github.com/esigate/esigate/pull/199