Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Metrics
Affected Vendors & Products
References
History
Tue, 13 Aug 2024 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-07-18T01:00:00
Updated: 2024-08-06T15:27:41.156Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2251
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-07-20T03:37:30.737
Modified: 2024-07-16T17:57:08.107
Link: CVE-2013-2251
Redhat