Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High
CVE-2019-0230
Disclosure Date: September 14, 2020 (last updated November 08, 2023)
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
1
Attacker Value
Very High
CVE-2020-17530
Disclosure Date: December 11, 2020 (last updated October 07, 2023)
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
1
