Vulnerability: Apache Struts 2.0.0-2.5.25 - Remote Code Execution

Apache Struts 2.0.0 through Struts 2.5.25 is susceptible to remote code execution because forced OGNL evaluation, when evaluated on raw user input in tag attributes, may allow it.

Impact

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected server.

Severity

critical

Verified

Unknown