CVE-2015-2992

Apache Struts before 2.3.20 has a cross-site scripting XSS vulnerability...

Security Bulletin: IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel are affected by Apache Struts 2 security vulnerabilities

Summary IBM Sterling Order Management, IBM Sterling Configure Price Quote and Sterling Web Channel use Apache Struts 2 and are affected by some of the vulnerabilities that exist in Apache Struts 2. Now a vulnerability related to Apache Commons FileUpload version included with Apache Struts 2...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Predictive Customer Intelligence (CVE-2016-1181, CVE-2016-1182)

Summary IBM WebSphere Application Server is shipped with IBM Predictive Customer Intelligence. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Security Vulnerabilities have been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2012-5783, CVE-2018-1614, CVE-2014-0114, CVE-2015-0899)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in security bulletins. Vulnerability Details Please consult the security bulletins: Security Bulletin:...

Security Bulletin: Vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2014-0114, CVE-2014-0927, CVE-2014-0912)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected by multiple security vulnerabilities. These vulnerabilities include: - Open Source Apache Struts V1 ClassLoader manipulation vulnerability - Improper Access Control - Information Disclosure Vulnerability Details...

Equifax Breach: Four Members of Chinese Military Charged with Hacking

U.S. authorities have charged four Chinese military officers in the 2017 Equifax data breach, which compromised the data of nearly 150 million. The four, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei, are believed to be members of the 54th Research Institute of the Chinese People’s Liberation Army PLA...

U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach

The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans. In a joint press conference held today with the Attorney General Willi...

Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator Standard Edition has addressed the following multiple vulnerabilities caused by Apach Struts 1.1 Vulnerability Details CVEID: CVE-2008-2025 DESCRIPTION: Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway

Summary IBM Sterling File Gateway has addressed the following vulnerabilities caused by Apach Struts 1.1 Vulnerability Details CVEID: CVE-2008-2025 DESCRIPTION: Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could explo...

Security Bulletin: ClassLoader manipulation with Apache Struts affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is bundled by IBM Rational Application Developer for WebSphere Software. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

Security Bulletin: ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is used by the WebSphere Application Server bundled with Rational Application Developer Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-1181, CVE-2016-1182)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Unspecified Vulnerability in Apache Struts2

Apache Struts is the United States Apache Apache Software Foundation, an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications , mainly provides two versions of the framework products , Struts 1 and Struts 2. There is a security...

CVE-2011-3923

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands...

CVE-2011-3923

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands...

Design/Logic Flaw

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands...

CVE-2011-3923

CVE-2011-3923 affects Apache Struts 2 prior to 2.3.1.2, where a flaw in the ParameterInterceptor allows untrusted input to be treated as OGNL expressions, bypassing protections and enabling remote command execution. Public details indicate the vulnerability enables an attacker to execute arbitrar...

CVE-2011-3923

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands...

Exploit for CVE-2018-11776

Apache-Struts-0Day-Exploit Critical Remote Code Execution...

Exploit for CVE-2018-11776

Apache-Struts-0Day-Exploit Critical Remote Code Execution...