XSLT injection
Description
XSLT (Extensible Stylesheet Language Transformations) is a language for transforming XML documents into other XML documents, or other formats such as HTML for web pages, plain text. When the XSLT content is controlled by the user, various attacks are possible as described in the Impact section.
Remediation
Reconfigure your XSLT processor to protect against these attacks.