CVE-2023-26119

Published April 3rd, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.

HtmlUnit/htmlunit

HtmlUnit is a "GUI-Less browser for Java programs".

GitHub

946