7.6 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.2%
dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template.
dotcms.com/dotCMSVersions/
osvdb.org/82240
secunia.com/advisories/49276
www.kb.cert.org/vuls/id/898083
www.securityfocus.com/bid/53688
gist.github.com/2627440
github.com/dotCMS/dotCMS/issues/261
github.com/dotCMS/dotCMS/issues/281