Apache Struts 2.0-2.5.22 - Unrestricted Upload of File with Dangerous Type via Malformed XSLT Processing
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.