THREATOPS
THREAT OPSCVEs › CVE-2017-9791

CVE-2017-9791 — Apache Struts 1 Improper Input Validation Vulnerability

CISA KEVExploited: confirmedApache

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Vulnerability details