Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:* |
Tue, 13 Aug 2024 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-07-18T01:00:00
Updated: 2024-08-06T15:27:41.156Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2251
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-07-20T03:37:30.737
Modified: 2024-11-27T16:07:37.487
Link: CVE-2013-2251
Redhat