CVE-2006-1546 is a vulnerability in Apache Struts
Published on March 30, 2006
Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
Products Associated with CVE-2006-1546
Want to know whenever a new CVE is published for Apache Struts? stack.watch will email you.
Exploit Probability
EPSS
1.61%
Percentile
81.51%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.