Critical severity9.8OSV Advisory· Published Nov 26, 2018· Updated Jun 17, 2026
CVE-2018-19530
CVE-2018-19530
Description
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/httl/httl/issues/225nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.