CVE-2013-2251
Apache Struts Improper Input Validation Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Mar 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
Apache / Struts
Vulnerability
Apache Struts Improper Input Validation Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
No
Summary description
Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-2251
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-5638—100.0%
KEV—80Apache Struts Remote Code Execution Vulnerability—CVE-2018-11776—100.0%
KEV—80Apache Struts Remote Code Execution Vulnerability—CVE-2017-9805—99.9%
KEV—80Apache Struts Deserialization of Untrusted Data Vulnerability—CVE-2020-17530—99.9%
KEV—80Apache Struts Remote Code Execution Vulnerability—