XSLT Injection
- Risk:
Medium
- Type:
- Active
- CWE:
- CWE-91
- Summary
Injection using XSL transformations may be possible, and may allow an attacker to read system information, read and write files, or execute arbitrary code.
- Solution
Sanitize and analyze every user input coming from any client-side.
Latest Security News
Common Alerts
InformationalSec-Fetch-Mode Header Has an Invalid Value
InformationalGET for POST
InformationalLoosely Scoped Cookie
InformationalStorable but Non-Cacheable Content
Top CVE List
Top CWE List
Free security scan for your website