CVE-2019-0230

Summary

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Affected Software

VendorProductVersion RangeStatus
n/aApache StrutsApache Struts 2.0.0 to 2.5.20affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References