This is a potential security issue, you are being redirected to https://nvd.nist.gov
NVD Dashboard
News
Email List
FAQ
Visualizations
Search & Statistics
Full Listing
Categories
Data Feeds
Vendor Comments
CVSS V3 Calculator
CVSS V2 Calculator
CPE Dictionary
CPE Search
CPE Statistics
SWID
Checklist (NCP) Repository
800-53 Controls
SCAP Validated Tools
SCAP
USGCB
Vulnerability Search
Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation.