Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7342
HistoryAug 22, 2018 - 5:36 p.m.

Remote Code Execution (RCE)

2018-08-2217:36:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
49

EPSS

0.975

Percentile

100.0%

struts2-core is vulnerable to remote code execution (RCE) attacks. These attacks are possible when using a namespace or url tag which doesn’t have a value and action set and where its upper action configuration is using a wildcard namespace or has no namespace.

References