Com.opensymphony:xwork
This hub aggregates every CVE we track for Com.opensymphony:xwork, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Com.opensymphony:xwork.
- CVE-2025-68493Apache Struts, Apache Struts: XXE vulnerability in outdated XWork component8.1
- CVE-2008-6504ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context o...5.0
Product normalization is registry-driven with AI assist and human review. How it works