PT-2020-5501 · Apache · Apache Struts

Name of the Vulnerable Software and Affected Versions: Apache Struts versions 2.0.0 through 2.5.25 Description: The issue exists due to incorrect handling of Object Graph Navigation Language OGNL expressions in Apache Struts. This can allow a remote attacker to execute arbitrary code when forced...

CVE-2017-9787

When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33...