Apache Struts 2 Forced Double OGNL Evaluation Remote Code Execution Vulnerability

Apache Struts 2 Forced Double OGNL Evaluation Remote Code Execution Vulnerability

CVE-2019-0230 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Learn more about our User Device Pen Test.