CVE-2017-9791CISA KEV: Actively Exploited

Apache Struts 1 Improper Input Validation Vulnerability

Published Feb 10, 2022·Updated Feb 10, 2022

Description

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Public Exploits & PoCs3 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free