← Back to CVEs
CVE-2013-2248
N/ADescription
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
CVE Details
CVSS v3.1 ScoreN/A
Published7/20/2013
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
apache:struts
Weaknesses (CWE)
CWE-20
References
http://struts.apache.org/release/2.3.x/docs/s2-017.html(secalert@redhat.com)
http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html(secalert@redhat.com)
http://www.securityfocus.com/bid/61196(secalert@redhat.com)
http://www.securityfocus.com/bid/64758(secalert@redhat.com)
http://struts.apache.org/release/2.3.x/docs/s2-017.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/61196(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/64758(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.