Max CVSS | 9.3 | Min CVSS | 9.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-2134 | 9.3 |
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
|
23-11-2018 - 15:54 | 16-07-2013 - 18:55 | |
CVE-2013-2135 | 9.3 |
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
|
23-11-2018 - 15:49 | 16-07-2013 - 18:55 |