| Max CVSS | 6.8 | Min CVSS | 6.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-1181 | 6.8 |
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart reques
|
15-07-2020 - 03:15 | 04-07-2016 - 22:59 | |
| CVE-2016-1182 | 6.4 |
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related iss
|
15-07-2020 - 03:15 | 04-07-2016 - 22:59 |