Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-17530

Apache | StrutsAdded 2021-11-03Remediation Deadline 2022-05-03

Apache Struts Remote Code Execution Vulnerability

Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-917

References