Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High

CVE-2019-0230

Disclosure Date: September 14, 2020 (last updated November 08, 2023)
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Attacker Value
Very High

CVE-2020-17530

Disclosure Date: December 11, 2020 (last updated October 07, 2023)
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.