Vulnerability identifier: #VU90112

Vulnerability risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2011-5057

CWE-ID: CWE-264

Exploitation vector: Network

Exploits in database: 1

• May 31, 2024
  • Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass [Exploit-DB]

Impact: Data manipulation

Vulnerable software:
Apache Struts
Server applications / Frameworks for developing and running applications

Vendor: