CVE-2016-4436

CRITICAL9.8EPSS 5.7%

Apache Struts improper action name cleanup

發布日:2022/5/17修改日:2024/12/5

描述

Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H