Description
Ektron Content Management System version 8.5, 8.7, and 9.0 contain a resource injection vulnerability by using an improperly configured XML parser. By default, Ektron utilizes the Microsoft XML parser to parse XSLT documents, which is not vulnerable. If an attacker specifies use of the Saxon XSLT parser instead, and sends it a specially crafted XSLT document, the attacker may be able to run arbitrary code at the privilege level of the application.
Remediation
Upgrade to the latest version of EktronCMS. This problem was fixed with Security Update 3 (Releases 8.02 SP5 to 9.10 SP1).
References
Related Vulnerabilities
VMware Workspace ONE Access SSTI (CVE-2022-22954)
Sitecore XP Deserialization RCE (CVE-2021-42237)
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
WordPress Plugin CM Download Manager Code Injection (2.0.3)
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)