Arbitrary Code Execution Vulnerability in Ektron CMS 8.5 and 8.7
CVE-2015-0931 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue.
Learn more about our Cms Pen Testing.