Skip to main content
CVE-2013-2134 CRITICAL POC PATCH THREAT Act Now

Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 91.5%.

Code Injection Apache RCE Struts
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
91.5%
Threat
6.1
CVE-2013-2135 CRITICAL PATCH Act Now

{}" and "%{}" sequences, which causes the OGNL code to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 83.0%.

Code Injection Apache RCE Struts
NVD
CVSS 2.0
9.3
EPSS
83.0%
Threat
4.4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy