cve/2007/CVE-2007-4556.md

### [CVE-2007-4556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4556)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/ice0bear14h/struts2scan
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/woods-sega/woodswiki