{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82121?format=json","vulnerability_id":"VCID-n852-f512-6fdc","summary":"","aliases":[{"alias":"CVE-2013-4212"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4212","reference_id":"","reference_type":"","scores":[{"value":"0.87065","scoring_system":"epss","scoring_elements":"0.99456","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4212"},{"reference_url":"http://security.coverity.com/advisory/2013/Oct/remote-code-execution-in-apache-roller-via-ognl-injection.html","reference_id":"CVE-2013-4212;OSVDB-100342","reference_type":"exploit","scores":[],"url":"http://security.coverity.com/advisory/2013/Oct/remote-code-execution-in-apache-roller-via-ognl-injection.html"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/29859.rb","reference_id":"CVE-2013-4212;OSVDB-100342","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/29859.rb"}],"weaknesses":[],"exploits":[{"date_added":null,"description":"This module exploits an OGNL injection vulnerability in Apache Roller < 5.0.2. The\n          vulnerability is due to an OGNL injection on the UIAction controller because of an\n          insecure usage of the ActionSupport.getText method. This module has been tested\n          successfully on Apache Roller 5.0.1 on Ubuntu 10.04.","required_action":null,"due_date":null,"notes":"Reliability:\n  - unknown-reliability\nStability:\n  - unknown-stability\nSideEffects:\n  - unknown-side-effects\n","known_ransomware_campaign_use":false,"source_date_published":"2013-10-31","exploit_type":null,"platform":"Java","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/apache_roller_ognl_injection.rb"},{"date_added":"2013-11-27","description":"Apache Roller - OGNL Injection (Metasploit)","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2013-11-27","exploit_type":"remote","platform":"java","source_date_updated":"2013-11-27","data_source":"Exploit-DB","source_url":"http://security.coverity.com/advisory/2013/Oct/remote-code-execution-in-apache-roller-via-ognl-injection.html"}],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n852-f512-6fdc"}