Hannonhill: Security Vulnerabilities
Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime.
CVSS Score
9.0
EPSS Score
0.038
Published
2009-03-25