Uploaded image for project: 'Portal'
  1. Portal
  2. PORTAL-155 Review security issues: portal
  3. PORTAL-168

CVE-2015-0254 JSTL-Upgrade to 1.2.3+

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Medium Medium
    • Beijing Release
    • None
    • None
    • None
    • Portal Sprint 6, Portal Sprint 7

      Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.

            sa282w sa282w
            farhan mir farhan mir
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: