CVE-2024-31573

Published October 17th, 2025

View on NVD ↗

CVSS v3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet (used for an XSLT transformation), because XSLT extension functions are enabled.

xmlunit/xmlunit

XMLUnit for Java 2.x

GitHub

312