VDB

CVE-2015-0931

CVE-2015-0931 PUBLISHED CVSS 6.800000190734863 MEDIUM

Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue.

EPSS 3.62% · 88.0th percentile

Risk Scores

CVSS 2.0
6.800000190734863
EPSS Score
3.62%
88.0th percentile

Affected Products

VendorProductVersions
n/an/an/a
ektronektron_content_management_system8.5.0, 8.7.0, 8.7.0

Timeline

  • Feb 14, 2015 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 17, 2025 EPSS Score
  • Mar 29, 2025 EPSS Score
  • Mar 30, 2025 EPSS Score
  • Apr 5, 2025 EPSS Score
  • Apr 6, 2025 EPSS Score
  • Apr 12, 2025 CVE Updated
  • May 1, 2025 EPSS Score
  • Jun 1, 2025 EPSS Score
  • Jun 5, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›