Hannonhill : Security Vulnerabilities, CVEs, CVSS score >= 6
Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime.
Max CVSS
9.0
EPSS Score
1.82%
Published
2009-03-25
Updated
2018-10-10
1 vulnerabilities found