Apache Struts: CVE-2016-3087: Remote code execution vulnerability
|8||(AV:N/AC:L/Au:N/C:P/I:P/A:P)||June 06, 2016||June 26, 2017||October 29, 2017|
Apache Struts 2.3.20.x before 22.214.171.124, 2.3.24.x before 126.96.36.199, and 2.3.28.x before 188.8.131.52, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!