Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
9.8CVSS
9.5AI Score
0.949EPSS
4.3CVSS
4.6AI Score
0.001EPSS
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
9.8CVSS
9.7AI Score
0.019EPSS