Weakness Name | Source | |
---|---|---|
Improper Control of Generation of Code ('Code Injection') The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Metrics | Score | Severity | CVSS Vector | Source |
---|---|---|---|---|
V2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C | [email protected] |
Apache>>Struts >> Version From (including) 2.0.0 To (excluding) 2.3.14.1
Apache>>Struts2-showcase >> Version From (including) 2.0.0 To (including) 2.3.13