CVE-2018-19530

Summary: 
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting.
Published: 
Sunday, November 25, 2018 - 21:29
cvss: