Security Advisory

CVE-2023-50164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-07 08:49:19

Last updated 2025-03-14 03:55:16

Assigner apache

State PUBLISHED

Description

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.

← Browse all CVEs View on cve.org ↗