Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Very High

CVE-2019-0230

Disclosure Date: September 14, 2020 (last updated November 08, 2023)

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Attacker Value

Very High

CVE-2020-17530

Disclosure Date: December 11, 2020 (last updated October 07, 2023)

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

Attack Vector: Network Privileges: None User Interaction: None

2 Total Results

Displaying 1-2 of 2

Very High

CVE-2019-0230

Very High

CVE-2020-17530

Quick Cookie Notification