Max CVSS | 9.0 | Min CVSS | 9.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-4461 | 9.0 |
Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785.
|
01-05-2019 - 20:17 | 16-10-2017 - 16:29 |