Details

    • Sprint:
      Repo vulnerabilities sprint 2
    • Delivery Team:
      Feature Teams
    • Template:

      Description

      jstl-1.2.jar
      CVE-2015-0254
      CVSS2 Score 7.5

       Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.

        Attachments

          Issue Links

            Structure

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  glazar George Lazar [X] (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Structure Helper Panel