2549 matches found

BDU FSTEC
added 2016/07/19 12:0 a.m., 4 views

The vulnerability of the Apache Struts software platform, which allows a hacker to trigger a service failure

The vulnerability of the URLValidator class in the Apache Struts software framework exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure by using a null value in the URL field...

CVSS 5, AI score 6.2, EPSS 0.10638
Exploits 0, References 5, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 4 views

The vulnerability of the Apache Struts software platform, which allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Apache Struts software platform is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a denial-of-service attack through a combined request...

CVSS 6.8, AI score 7.9, EPSS 0.13227
Exploits 0, References 6, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 3 views

The vulnerability of the Apache Struts software platform, which allows attackers to circumvent existing access restrictions

The vulnerability of the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions by using the default method...

CVSS 5, AI score 7.2, EPSS 0.10013
Exploits 0, References 5, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 2 views

The vulnerability of the Apache Struts software platform, which allows attackers to circumvent existing access restrictions

The vulnerability of the MultiPageValidator implementation in the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to bypass existing access restrictions by modifying page parameters remotely...

CVSS 5, AI score 7.1, EPSS 0.21425
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 4 views

The vulnerability of the Apache Struts software platform, which allows attackers to circumvent existing access restrictions

The vulnerability of the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions by using a specially created request...

CVSS 5, AI score 7.2, EPSS 0.10013
Exploits 0, References 5, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 4 views

The vulnerability of the Apache Struts software platform, which allows a hacker to execute arbitrary code

The vulnerability of the REST plugin for the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created expression...

CVSS 7.5, AI score 8.2, EPSS 0.17171
Exploits 2, References 5, Affected Software 1

BDU FSTEC
added 2016/07/19 12:0 a.m., 8 views

The vulnerability of the Apache Struts software platform, which allows attackers to trigger service failures or perform XSS attacks.

The vulnerability of the ActionServlet.java file on the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to perform XSS attacks or cause service failures by using specially crafted input data...

CVSS 6.4, AI score 7.4, EPSS 0.2593
Exploits 0, References 6, Affected Software 1

Check Point Advisories
added 2016/07/18 12:0 a.m., 9 views

Apache Struts URLValidator Denial of Service (CVE-2016-4465)

A denial of service vulnerability exists in Apache Struts URLValidator. The vulnerability is due to insufficient validation of crafted URLs by the URLValidator. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a Struts 2 application...

CVSS 5, AI score 2.2, EPSS 0.10638
Exploits 0

Tenable Nessus
added 2016/07/15 12:0 a.m., 41 views

Fedora 23 : struts (2016-21bd6a33af)

Security fix for CVE-2016-1181, CVE-2016-1182. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 8.2, AI score 7.6, EPSS 0.2593
Exploits 0, References 3

Tenable Nessus
added 2016/07/15 12:0 a.m., 35 views

Fedora 24 : struts (2016-d717fdcf74)

Security fix for CVE-2016-1181, CVE-2016-1182. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 8.2, AI score 7.6, EPSS 0.2593
Exploits 0, References 3

0day.today
added 2016/07/13 12:0 a.m., 56 views

Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities

Exploit for php platform in category web applications. 1. ADVISORY INFORMATION. Product: Apache Archiva; Vendor URL: https://archiva.apache.org; Type: Cross-Site Request Forgery CWE-253; Date found: 2016-05-31; Date published: 2016-07-11; CVSSv3 Score: 5.4...

CVSS 6.8, AI score 8.7, EPSS 0.07863
Exploits 7

Mageia
added 2016/07/08 7:50 p.m., 42 views

Updated struts packages fix security vulnerabilities

Updated struts packages fix security vulnerabilities: A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found (CVE-2016-1181). It was reported that the Apache Struts 1 Validator contains a...

CVSS 8.2, AI score 1.6, EPSS 0.2593
Exploits 0, References 3

OSV
added 2016/07/08 7:50 p.m., 4 views

MGASA-2016-0244 Updated struts packages fix security vulnerabilities

Updated struts packages fix security vulnerabilities: A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found (CVE-2016-1181). It was reported that the Apache Struts 1 Validator contains a...

CVSS 8.2, AI score 8.1, EPSS 0.2593
Exploits 0, References 4

RedhatCVE
added 2016/07/06 3:21 a.m., 55 views

CVE-2016-4438

The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression...

CVSS 9.8, AI score 9.3, EPSS 0.17171
Exploits 2, References 2

BDU FSTEC
added 2016/07/06 12:0 a.m., 5 views

The vulnerability of the implementation of the getClass method in the Apache Struts software framework allows attackers to execute arbitrary code.

The vulnerability of the “getClass” method implementation in the Apache Struts software framework is related to deficiencies in access control when using the ParametersInterceptor class with the class parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending...

CVSS 7.5, AI score 7.4, EPSS 0.97909
Exploits 6, References 9, Affected Software 10

BDU FSTEC
added 2016/07/06 12:0 a.m., 4 views

The vulnerability of the implementation of the getClass method in the CookieInterceptor class of the Apache Struts software framework allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform is related to deficiencies in access control when processing the cookiesName parameter with the symbol “”. Exploiting this vulnerability can allow an attacker to gain access to, read, modify, or...

CVSS 6.1, AI score 6.9, EPSS 0.99614
Exploits 7, References 5, Affected Software 4

BDU FSTEC
added 2016/07/06 12:0 a.m., 3 views

The vulnerability of the implementation of the getClass method in the CookieInterceptor class of the Apache Struts software framework allows a hacker to execute arbitrary code.

The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform is related to deficiencies in access control when processing the cookiesName value with a placeholder. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending ...

CVSS 7.5, AI score 7.6, EPSS 0.78306
Exploits 0, References 5, Affected Software 3

NVD
added 2016/07/04 10:59 p.m., 22 views

CVE-2016-4465

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field...

CVSS 5.3, AI score 5.2, EPSS 0.10638
Exploits 0, References 7

OSV
added 2016/07/04 10:59 p.m., 5 views

CVE-2016-4465

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field...

CVSS 5.3, AI score 5.2
Exploits 0, References 7

OSV
added 2016/07/04 10:59 p.m., 7 views

CVE-2016-4438

The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression...

CVSS 9.8, AI score 9.6
Exploits 0, References 6