Vulnerability & Exploit Database

Back to search

Apache Struts: S2-033 (CVE-2016-3087): Security updates available for Apache Struts

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:P/I:P/A:P) June 07, 2016 June 27, 2017 January 19, 2018

Available Exploits 


Apache Struts 2.3.20.x before, 2.3.24.x before, and 2.3.28.x before, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now