← Back to CVE List

CVE-2016-3090

Published: 2017-10-30T14:29Z
Last Modified: 2024-11-21T02:49Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt