struts2-core is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization in file path, allowing ..%252f
to be used in the file path to perform directory traversal attacks.
CPE | Name | Operator | Version |
---|---|---|---|
struts 2 core | eq | 2.1.2 | |
struts 2 core | le | 2.0.11.2 |