Skip to main content
CVE-2016-4438 CRITICAL PATCH Act Now

The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 62.1%.

RCE Apache Struts
NVD
CVSS 3.0
9.8
EPSS
62.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy