Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2013-4212
HistoryDec 07, 2013 - 8:00 p.m.

CVE-2013-4212

2013-12-0720:00:00
redhat
www.cve.org

7.2 High

AI Score

Confidence

Low

0.96 High

EPSS

Percentile

99.5%

JSON

Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka “OGNL Injection.”

Related

zdt 1
nvd 1
cve 1
d2 1
packetstorm 1
checkpoint_advisories 1
dsquare 1
prion 1
openvas 1
zdt
zdt
Apache Roller OGNL Injection Vulnerability
2013-11-26 00:00:00
nvd
nvd
CVE-2013-4212
2013-12-07 20:55:02
cve
cve
CVE-2013-4212
2013-12-07 20:55:02
d2
d2
DSquare Exploit Pack: D2SEC_APACHE_ROLLER
2013-12-07 20:55:00
packetstorm
packetstorm
Apache Roller OGNL Injection
2013-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
2013-12-11 00:00:00
dsquare
dsquare
Apache Roller OGNL Injection
2013-12-10 00:00:00
prion
prion
Design/Logic Flaw
2013-12-07 20:55:00
openvas
openvas
Apache Roller < 5.0.2 Multiple Vulnerabilities
2017-11-27 00:00:00

7.2 High

AI Score

Confidence

Low

0.96 High

EPSS

Percentile

99.5%

JSON
Related for CVELIST:CVE-2013-4212
zdt1nvd1cve1d21packetstorm1checkpoint_advisories1dsquare1prion1openvas1