Package impact
Maven / org.apache.struts.xwork:xwork-core
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-0394 | medium | — | 7.8 | 15y ago | Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode | |||
| CVE-2012-0392 | medium | — | 7.8 | 15y ago | Apache Struts's CookieInterceptor component does not use the parameter-name whitelist | |||
| CVE-2012-0393 | medium | — | 7.4 | 15y ago | Apache Struts's ParameterInterceptor component does not prevent access to public constructors | |||
| CVE-2014-0094 | medium | — | 6.0 | 12y ago | ClassLoader manipulation in Apache Struts | |||
| CVE-2012-4387 | medium | — | 5.0 | 14y ago | Denial of service in Apache Struts | |||
| CVE-2011-2088 | medium | — | 5.0 | 15y ago | XWork in Apache Struts Reveals Sensitive Information |