CVE-2013-2251

2013-07-20T03:37:00
ID CVE-2013-2251
Type cve
Reporter cve@mitre.org
Modified 2017-09-22T01:29:00

Description

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.