| CVE-2013-2251 |
unknown |
— |
2.5 |
|
|
|
4y ago |
Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions. |
| CVE-2012-0391 |
unknown |
— |
2.5 |
|
|
|
4y ago |
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution. |
| CVE-2020-17530 |
unknown |
— |
2.5 |
|
|
|
4y ago |
Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution. |
| CVE-2018-11776 |
unknown |
— |
2.5 |
|
|
|
8y ago |
Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defi… |
| CVE-2017-5638 |
unknown |
— |
2.5 |
|
|
|
8y ago |
Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution. |
