CVE 2020-17530
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://cwiki.apache.o...
- JVN: JVN#43969166
- MISC: http://packetstormsecu...
- CONFIRM: https://security.netap...
- MISC: https://www.oracle.com...
- MISC: https://www.oracle.com...
- MISC: https://www.oracle.com...
- MISC: https://www.oracle.com...
- MISC: https://www.oracle.com...
- MLIST: [oss-security] 2022041...
- MISC: https://www.oracle.com...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)