{"uuid": "70424b4e-6ada-4186-b0f6-b786fdd6190d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17530", "type": "seen", "source": "https://t.me/VulnerabilityNews/27547", "content": "The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag\u00e2\u20ac\u2122s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.\nPublished at: April 12, 2022 at 06:15PM\nView on website", "creation_timestamp": "2022-04-12T20:42:05.000000Z"}