Ektron » Ektron Content Management System : Security Vulnerabilities, CVEs, Published In 2017 (Code Execution)
CVE-2012-5357
Public exploit
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
Max CVSS
9.8
EPSS Score
96.68%
Published
2017-10-30
Updated
2017-11-18
1 vulnerabilities found