Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2020-12-11T01:11:04
Updated: 2024-08-04T14:00:48.908Z
Reserved: 2020-08-12T00:00:00
Link: CVE-2020-17530
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-11T02:15:10.883
Modified: 2024-11-21T05:08:18.480
Link: CVE-2020-17530
Redhat