Max CVSS 6.8 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-4430 6.8
Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
31-10-2017 - 01:29 04-07-2016 - 22:59
CVE-2016-4433 5.0
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request.
09-08-2017 - 01:29 04-07-2016 - 22:59
CVE-2016-4431 5.0
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method.
09-08-2017 - 01:29 04-07-2016 - 22:59
Back to Top Mark selected
Back to Top