CVE-2016-4436
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-4436
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4436.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-4436
- Aliases
- Published
- 2016-10-03T15:59:01Z
- Modified
- 2024-09-03T01:17:52.790968Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.
- References
Affected packages
Git / github.com/apache/struts
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/struts
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected