CVE-2001-0126 Information

Description

Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.

Reference

http://marc.info/?l=bugtraq&m=97906670012796&w=2 http://marc.info/?l=bugtraq&m=98027700625521&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/5905