CVE-2015-1831

CVE-2015-1831

EPSS 6.3%

The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "compromise internal state of an application" via unspecified vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://struts.apache.org/docs/s2-024.html http://www.securityfocus.com/bid/75940 http://www.securitytracker.com/id/1032985