Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote malicious users to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts 2.3.20.1 |
||
apache struts 2.3.20 |
||
apache struts 2.3.24.1 |
||
apache struts 2.3.24 |
||
apache struts 2.3.28 |