Lucene search
RedhatCVELIST:CVE-2016-4461HistoryOct 16, 2017 - 4:00 p.m.
CVE-2016-4461
2017-10-1616:00:00
redhat
www.cve.org
1
Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a “%{}” sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785.
Related
prion
prion
Design/Logic Flaw
2017-10-16 16:29:00
Design/Logic Flaw
2016-04-12 16:59:00
ubuntucve
ubuntucve
CVE-2016-4461
2017-10-16 00:00:00
CVE-2016-0785
2016-04-12 00:00:00
cve
cve
CVE-2016-4461
2017-10-16 16:29:00
CVE-2016-0785
2016-04-12 16:59:00
osv
osv
CVE-2016-4461
2017-10-16 16:29:00
Apache Struts RCE Vulnerability
2022-05-14 00:52:12
nvd
nvd
CVE-2016-4461
2017-10-16 16:29:00
CVE-2016-0785
2016-04-12 16:59:00
ibm
ibm
cvelist
cvelist
CVE-2016-0785
2016-04-12 16:00:00
openvas
openvas
Apache Struts Security Update (S2-029)
2016-06-07 00:00:00
Apache Struts Security Update (S2-036)
2021-04-06 00:00:00
nessus
nessus
Apache Struts 2 Tag Attribute Double OGNL Evaluation RCE
2016-03-24 00:00:00
Apache Struts 2.x < 2.3.29 Multiple Vulnerabilities (S2-035 - S2-040)
2016-06-24 00:00:00
github
github
Apache Struts RCE Vulnerability
2022-05-14 00:52:12
f5
f5
wallarmlab
wallarmlab
New Struts2 Remote Code Execution exploit caught in the wild
2017-03-09 00:15:54