6.5
CVSSv2

CVE-2012-1592

CVSSv4: NA | CVSSv3: 8.8 | CVSSv2: 6.5 | VMScore: 980 | EPSS: 0.00792 | KEV: Not Included
Published: 05/12/2019 Updated: 21/11/2024

Vulnerability Summary

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache struts 2.0.0

Exploits

source: wwwsecurityfocuscom/bid/52702/info Apache Struts2 is prone to a remote arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input Attackers can exploit this issue to upload arbitrary code and run it in the context of the webserver process This may facilitate unauthorized access or privileg ...