Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2251

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted 1 action:, 2 redirect:, or 3 redirectAction: prefix...

9.8CVSS8.1AI score0.99998EPSS
Exploits18References4
BDU FSTEC
BDU FSTECadded 2022/09/30 12:0 a.m.2 views

The vulnerability of the implementation of the DefaultActionMapper mechanism in the Apache Struts software framework allows attackers to circumvent security restrictions.

The vulnerability of the DefaultActionMapper mechanism implemented by the Apache Struts software platform is related to deficiencies in access control when processing the ‘action: prefix’ parameter. Exploiting this vulnerability allows an attacker to bypass security restrictions while operating...

7.2CVSS7.7AI score0.07718EPSS
Exploits1References5Affected Software5
ThreatPost
ThreatPostadded 2013/10/18 1:24 p.m.15 views

Apache Struts Update Patches Two Vulnerabilities

The group behind Apache have pushed out a new version of Struts, fixing two issues in the framework that were giving developers difficulties over the past several weeks. The Apache Software Foundation posted version 2.3.15.3 of the framework online Tuesday. The release fixes an access control...

7.7AI score
Exploits0References5
Rows per page
Query Builder