CVE-2013-1966 (struts)
-
Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1966
© Lightnetics 2024