Apache Struts 2 2.3.20 up to and including 2.3.28.1 mishandles token validation, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts 2.3.28.1 |
||
apache struts 2.3.20 |
||
apache struts 2.3.20.3 |
||
apache struts 2.3.20.1 |
||
apache struts 2.3.28 |
||
apache struts 2.3.24.3 |
||
apache struts 2.3.24.1 |
||
apache struts 2.3.24 |