David Greene

2 exploits Active since Sep 2017

CVE-2017-12611 GITHUB CRITICAL WRITEUP

Apache Struts < 2.3.34 - Improper Input Validation

In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

3,480 stars

CVSS 9.8

View Code

CVE-2017-12611 GITHUB CRITICAL WRITEUP

Apache Struts < 2.3.34 - Improper Input Validation

In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

14 stars

CVSS 9.8

View Code