Comment by p0w3n3d 3 months ago what exactly is the security concern with xslt? 4 comments p0w3n3d Reply TingPing 3 months ago It parses untrusted input, the library is basically unmaintained, it’s not often audited but anytime someone looks they find a CVE. JimDabell 3 months ago This is answered in the article. jeffbee 3 months ago XSLT the idea contains few (but not zero) unavoidable security flaws.libxslt the library is a barely-maintained dumpster fire of bad practices. ryoshu 3 months ago They should audit LLMs.
TingPing 3 months ago It parses untrusted input, the library is basically unmaintained, it’s not often audited but anytime someone looks they find a CVE.
jeffbee 3 months ago XSLT the idea contains few (but not zero) unavoidable security flaws.libxslt the library is a barely-maintained dumpster fire of bad practices. ryoshu 3 months ago They should audit LLMs.
It parses untrusted input, the library is basically unmaintained, it’s not often audited but anytime someone looks they find a CVE.
This is answered in the article.
XSLT the idea contains few (but not zero) unavoidable security flaws.
libxslt the library is a barely-maintained dumpster fire of bad practices.
They should audit LLMs.