admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 18:27:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/Struts2/S2-016(CVE-2013-2251)
History
tardc ebeadb7a8e Update S2-016.gif
2020-04-17 18:29:18 +08:00
..
README.md
Update README.md
2020-04-17 18:03:41 +08:00
S2-016.gif
Update S2-016.gif
2020-04-17 18:29:18 +08:00

README.md

S2-016 (CVE-2013-2251) Remote Code Execution Vulnerability

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.

Affected Version: Apache Struts2 2.0.0 - 2.3.15

FOFA query rule: app="Struts2"

Demo