National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 21 matching records.
Displaying matches 21 through 21.
Vuln ID Summary CVSS Severity
CVE-2016-0785

Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation.

Published: April 12, 2016; 12:59:00 PM -04:00
V3: 8.8 HIGH
V2: 9.0 HIGH