CVE-2016-4003

Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

CVE-2016-0785

Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation...

CVE-2016-2162

CVE-2016-2162 affects Apache Struts 2.x where the Locale object created by I18NInterceptor is not sanitized, enabling remote XSS via crafted language-display inputs. The described impact is XSS in the victim’s browser within the web site's context. Affected versions are Struts 2.x prior to 2.3.25...

CVE-2016-2162

Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors involving language display...

CVE-2016-0785

Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation...

CVE-2016-0785

CVE-2016-0785 affects Apache Struts 2.x; vulnerability arises from a double OGNL evaluation in tag attributes (forced OGNL). Affected versions include Struts 2.x before 2.3.29 (with references across IBM advisories and OSVs). Exploitation status is not detailed in the provided documents. Remediat...

CVE-2016-4003

Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

CVE-2016-4003

CVE-2016-4003 is a cross-site scripting (XSS) vulnerability in the URLDecoder component used by Apache Struts 2.x (pre-2.3.28) when a single-byte page encoding is assumed. An attacker can craft a URL-encoded parameter containing multi-byte characters to inject script/HTML in victims’ browsers. Th...

Struts2 Remote Command Execution Vulnerability in OA System of Beijing Hurong Times Software Co.

Beijing Hurong Times Software Co., Ltd OA system is a set of daily operation and management application system for organizations. The OA system of Beijing Hurong Times Software Co., Ltd. suffers from a Struts2 remote command execution vulnerability, which can be exploited by an attacker to remote...

Apache Struts 2.x < 2.3.28 Multiple Vulnerabilities (S2-028) (S2-029) (S2-030) (S2-034)

The version of Apache Struts running on the remote host is 2.x prior to 2.3.28. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting vulnerability exists due to improper validation of user-supplied input when using a single byte page encoding. A remote attacker c...

Apache Struts 2 Tag Attribute Double OGNL Evaluation RCE

The remote web application appears to use Apache Struts 2, a web framework that utilizes OGNL Object-Graph Navigation Language as an expression language. A remote code execution vulnerability exists due to double OGNL evaluation of attribute values assigned to certain tags. An unauthenticated,...

java代码审计基础教程之V2会议系统多个漏洞集合/无需登录

简要描述： 包括 sql注入 任意文件下载 越权 getshell xml实体注入 感谢@loopx9大牛帮助 详细说明： 因为学习java并不是很长时间，也没有做深入的研究。但是在学习之后，发现可以审计出一些简单的javaweb漏洞，所以想这这里和大家分享一下。 0x01审计之初 首先，我拿到了源码之后，大概看了一下这个系统的架构，发现是通过Struts写的。在具体看代码之前，我们先看一下这个会议系统有什么功能，在代码审计的时候，不能一股脑的先跑过去就看代码，我们要学会通过功能去找问题的缺陷。现在以...:8288/Conf/jsp/main/mainAction.do...

Struts2 S2-0 2 9 remote code execution vulnerability: a preliminary study-vulnerability warning-the black bar safety net

0×0 1 Struts2 tag library Struts2 tag libraries to use OGNL expression to access the ActionContext object in the data. In order to be able to access to the ActionContext in the variable, Struts2 the ActionContext is set to OGNL context, and the OGNL with objects added to the ActionContext. In...

Apache Struts I18NInterceptor Cross-Site Scripting Vulnerability

Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source framework for creating enterprise-class Java Web applications . I18NInterceptor is used in one of the internationalization interceptor . A cross-site scripting vulnerability exists i...

Apache Struts2 Remote Code Execution Vulnerability

Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source framework for creating enterprise-class Java Web applications. A security vulnerability exists in Apache Struts versions 2.0.0 through 2.3.24.1, which stems from the program performi...

Apache Struts 2 remote code execution vulnerability(CVE-2 0 1 6-0 7 8 5)-vulnerability warning-the black bar safety net

Apache Struts 2 is the world's most popular Java Web serverframework. Unfortunately, however, a security researcher in the Struts 2 on found a remote code execution vulnerability. Currently the Apache official published announcement, the vulnerability risk level is high risk. The black bar safety...

Apache Struts 2 跨站脚本漏洞 (S2-030)

No description provided by source...

VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)

The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party libraries : - Apache Struts - glibc - GnuTLS - JRE - kernel - libxml2 - OpenSSL - Perl - popt and...

Apache Struts Security Bypass Vulnerability (CNVD-2016-01256)

Apache Struts is an open source framework for creating enterprise Java Web applications. A security vulnerability exists in Apache Struts where specific top objects can be used to access strtus' internals, allowing an attacker to bypass security restrictions and perform unauthorized operations...

Apache Struts 2.x < 2.3.24.1 Multiple Vulnerabilities (S2-026) (S2-027)

The version of Apache Struts running on the remote host is 2.x prior to 2.3.24.1. It, therefore, is affected by multiple vulnerabilities including a remote command execution vulnerability and an open redirect vulnerability. Note that Nessus has not tested for these issues but has instead relied...