| CVE-2013-2115 |
high |
8.1 |
9.1 |
|
|
|
13y ago |
Code injection in Apache Struts |
| CVE-2016-4430 |
high |
8.8 |
8.8 |
|
|
|
10y ago |
Apache Struts CSRF Vulnerability |
| CVE-2012-0394 |
medium |
— |
7.8 |
|
|
|
15y ago |
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode |
| CVE-2012-0392 |
medium |
— |
7.8 |
|
|
|
15y ago |
Apache Struts's CookieInterceptor component does not use the parameter-name whitelist |
| CVE-2016-4433 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
Apache Struts Open Redirect |
| CVE-2015-1831 |
high |
— |
7.5 |
|
|
|
11y ago |
Incomplete exclude pattern in Apache Struts |
| CVE-2012-0393 |
medium |
— |
7.4 |
|
|
|
15y ago |
Apache Struts's ParameterInterceptor component does not prevent access to public constructors |
| CVE-2014-0094 |
medium |
— |
6.0 |
|
|
|
12y ago |
ClassLoader manipulation in Apache Struts |
| CVE-2012-4387 |
medium |
— |
5.0 |
|
|
|
14y ago |
Denial of service in Apache Struts |
| CVE-2011-2088 |
medium |
— |
5.0 |
|
|
|
15y ago |
XWork in Apache Struts Reveals Sensitive Information |
