High severity vulnerability that affects org.apache.struts:struts2-core

2018-10-16T19:35:40
ID GHSA-8FX9-5HX8-CRHM
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:03

Description

In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.