Apache Struts Showcase App 2.0.0 up to and including 2.3.13, as used in Struts 2 prior to 2.3.14.3, allows remote malicious users to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts2-showcase |
||
apache struts |