org.apache.struts:struts-core@1.3.8 vulnerabilities
-
latest version
1.3.10
-
first published
18 years ago
-
latest version published
15 years ago
-
licenses detected
- [1.3.5,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.struts:struts-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.struts:struts-core is a free, open-source, MVC framework for creating Java web applications. Affected versions of this package are vulnerable to Arbitrary Code Execution where the class property is not suppressed. It allows remote attackers to "manipulate" the Note: How to fix Arbitrary Code Execution? A fix was pushed into the |
[0,)
|
org.apache.struts:struts-core is a free, open-source, MVC framework for creating Java web applications. Affected versions of this package are vulnerable to Arbitrary Code Injection. It allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. How to fix Arbitrary Code Injection? There is no fixed version for |
[0,)
|