Remote Code Execution (RCE) Vulnerability in HtmlUnit via XSTL
CVE-2023-49093 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3.9.0
Learn more about our Web App Pen Testing.