9.7 High
AI Score
Confidence
High
0.959 High
EPSS
Percentile
99.5%
XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.
struts.apache.org/docs/s2-031.html
www.securityfocus.com/bid/88826
www.securitytracker.com/id/1035664