Remote code execution in Apache Struts

GHSA-jc35-q369-45pv · CVE-2020-17530

Published Feb 9, 2022 · Modified Oct 22, 2025

Description

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

Ready to move

Free, no credit card | First findings in minutes