Detectify
Object-Graph Navigation Language (OGNL) is an expression language for handling Java objects. When an OGNL expression injection vulnerability is present, it is possible for the attacker to inject OGNL expressions. Many critical Apache Struts CVEs are the result of GNL expression injection. Watch our short attack demo video where we explain Apache Struts OGNL expression injection and how it works. .
Similar Posts
One thought on “Proof of Concept: CVE-2017-9791 Apache Struts OGNL Expression Injection”
Comments are closed.
Which version