Nom de la faiblesse | Source | |
---|---|---|
Improper Control of Generation of Code ('Code Injection') The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Métriques | Score | Gravité | CVSS Vecteur | Source |
---|---|---|---|---|
V2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C | nvd@nist.gov |
Apache>>Struts >> Version From (including) 2.0.0 To (excluding) 2.3.14.1
Apache>>Struts2-showcase >> Version From (including) 2.0.0 To (including) 2.3.13