Tag
apache-struts2
Safeguard articles tagged "apache-struts2" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Struts2 REST plugin XStream deserialization RCE (CVE-2017-9805)
CVE-2017-9805 lets attackers RCE Struts2 REST APIs via unsafe XStream XML deserialization. Learn impact, affected versions, and remediation steps.
Jan 11, 20267 min read
Vulnerability Analysis
CVE-2018-11776: Remote code execution in Apache Struts2 v...
CVE-2018-11776 lets attackers achieve unauthenticated RCE in Apache Struts2 via crafted namespace/OGNL injection. Affected versions, timeline, and fixes.
Oct 1, 20257 min read
Vulnerability Analysis
CVE-2020-17530: Forced OGNL evaluation RCE in Apache Struts2
CVE-2020-17530 lets attackers achieve unauthenticated RCE in Apache Struts2 via forced OGNL evaluation. Here's the scope, timeline, and how to remediate it.
Sep 30, 20257 min read