Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Standard Taglibs
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0254 2 Apache, Canonical 2 Standard Taglibs, Ubuntu Linux 2024-11-21 7.5 HIGH N/A
Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.