CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Apache: >> Struts >> 2.5.19 Security Vulnerabilities

CVE-2019-0233

An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.

CVSS Score

7.5

EPSS Score

0.078

Published

2020-09-14

CVE-2009-1275

Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.

CVSS Score

6.8

EPSS Score

0.012

Published

2009-04-09

Page 2

Vulnerabilities

Vulnerable Software

Apache: >> Struts >> 2.5.19 Security Vulnerabilities

Products

Pricing

Contact Us