Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Very High

CVE-2019-0230

Disclosure Date: September 14, 2020 (last updated February 22, 2025)

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Attacker Value

Very High

CVE-2020-17530

Disclosure Date: December 11, 2020 (last updated February 22, 2025)

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2019-0233

Disclosure Date: September 14, 2020 (last updated February 22, 2025)

An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.

Attack Vector: Network Privileges: None User Interaction: None

3 Total Results

Displaying 1-3 of 3

Very High

CVE-2019-0230

Very High

CVE-2020-17530

Unknown

CVE-2019-0233

Quick Cookie Notification