CVE-2013-2248 (Medium) detected in struts2-core-2.3.1.2.jar #11

mend-for-github-com · 2020-03-25T14:52:42Z

CVE-2013-2248 - Medium Severity Vulnerability

Vulnerable Library - struts2-core-2.3.1.2.jar

Apache Struts 2

Path to dependency file: /tmp/ws-scm/Struts2Example/pom.xml

Path to vulnerable library: 20200325141938/downloadResource_d50070f4-1279-48e5-8366-a2fcdc735d7c/20200325145151/struts2-core-2.3.1.2.jar

Dependency Hierarchy:

❌ struts2-core-2.3.1.2.jar (Vulnerable Library)

Found in HEAD commit: 20d7b6df1b42979ec0033b63405d552a70d92b0c

Vulnerability Details

Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.

Publish Date: 2013-07-20

URL: CVE-2013-2248

CVSS 2 Score Details (5.8)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2248

Release Date: 2013-07-20

Fix Resolution: 2.3.15.1

Check this box to open an automated fix PR

mend-for-github-com bot added the security vulnerability Security vulnerability detected by WhiteSource label Mar 25, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2013-2248 (Medium) detected in struts2-core-2.3.1.2.jar #11

CVE-2013-2248 (Medium) detected in struts2-core-2.3.1.2.jar #11

mend-for-github-com bot commented Mar 25, 2020

CVE-2013-2248 (Medium) detected in struts2-core-2.3.1.2.jar #11

CVE-2013-2248 (Medium) detected in struts2-core-2.3.1.2.jar #11

Comments

mend-for-github-com bot commented Mar 25, 2020

CVE-2013-2248 - Medium Severity Vulnerability