Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts |
||
oracle financial services market risk measurement and management 8.0.6 |
||
oracle communications policy management 12.5.0 |
||
oracle financial services data integration hub 8.0.6 |
||
oracle financial services data integration hub 8.0.3 |
||
oracle mysql enterprise monitor |
Plus: Someone's gunning for Mac developers
In brief The US Department of Justice said a combined operation has led to its largest seizure of terrorist-owned cryptocurrency, taking around $2m (£1.5m) from Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS). In addition to the seized accounts, prosecutors filed indictments against a pair of men based in Turkey who were said to be overseeing the fundraising online. While most of the accounts were funded by straightforward donation pages, asking visitors to co...