daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2019/CVE-2019-0230.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-16 09:23:05 -04:00
parent 88be29732a
commit 8ec39595b4
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cves/2019/CVE-2019-0230.yaml
View File

@ -1,13 +1,14 @@
id: CVE-2019-0230 id: CVE-2019-0230
info: info:
name: Apache Struts RCE name: Apache Struts <=2.5.20 - Remote Code Execution
author: geeknik author: geeknik
severity: critical severity: critical
description: Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. description: Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
reference: reference:
- https://cwiki.apache.org/confluence/display/WW/S2-059 - https://cwiki.apache.org/confluence/display/WW/S2-059
- https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability - https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2019-0230
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8 cvss-score: 9.8
@ -24,3 +25,5 @@ requests:
- type: word - type: word
words: words:
- "nuclei16384" - "nuclei16384"
# Enhanced by mp on 2022/05/16