Vulnerability identifier: #VU88759

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2013-2248

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 2

• April 17, 2024
  • Apache Struts 2.2.3 - Multiple Open redirection Vulnerabilities [Exploit-DB]
  • Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection [Exploit-DB]

Impact: Information disclosure and data manipulation

Vulnerable software:
Apache Struts
Server applications / Frameworks for developing and running applications

Vendor: Apache Foundation