VYPR
High severityNVD Advisory· Published Mar 9, 2015· Updated Jun 17, 2026

CVE-2015-0254

CVE-2015-0254

Description

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.taglibs:taglibs-standardMaven
< 1.2.31.2.3
org.apache.taglibs:taglibs-standard-implMaven
< 1.2.31.2.3

Affected products

10

Patches

Vulnerability mechanics

References

32

News mentions

0

No linked articles in our index yet.