Description
XSLT (Extensible Stylesheet Language Transformations) is a language for transforming XML documents into other XML documents, or other formats such as HTML for web pages, plain text. When the XSLT content is controlled by the user, various attacks are possible as described in the Impact section.
Remediation
Reconfigure your XSLT processor to protect against these attacks.
References
Related Vulnerabilities
XML External Entity Injection via external file
WordPress XML-RPC authentication brute force
Deserialization of Untrusted Data (.NET BinaryFormatter Object Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization) Jackson
Deserialization of Untrusted Data (Java Object Deserialization)