Target URL | High | Medium | Low | Info |
consumer.experian.in | 1 | 0 | 0 | 0 |
Alert Detail | Click here to hide all alerts |
Hide the alert |
Confirmed Exploit | CVE-2017-5638 |
Description
| The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017. |
URL | https://consumer.experian.in/ |
Injection Type | Content-Type: Header |
Other information | Verified Exploit Report |