Maven package
org.apache.struts/struts2-struts1-plugin
pkg:maven/org.apache.struts/struts2-struts1-plugin
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-9791 | Cri | 9.8 | KEV | <= 2.3.37 | — | Jul 10, 2017 | The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. |
- affected <= 2.3.37
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.