[WW-3470] Remote Command Execution Vulnerability - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.2.1
Component/s: None
Labels:
None
Environment:

Hide

xwork version
http://hudson.zones.apache.org/hudson/job/xwork2/lastBuild/com.opensymphony$xwork-core/
#89 (2009-12-1 8:01:51)

Show
xwork version http://hudson.zones.apache.org/hudson/job/xwork2/lastBuild/com.opensymphony$xwork-core/ #89 (2009-12-1 8:01:51)

Description

http://www.exploit-db.com/exploits/14360/

caused by com.opensymphony.xwork2.interceptor.ParametersInterceptor
fixed in struts2 trunk
not fixed in latest build jar

Attachments

Activity

People

Assignee:: Lukasz Lenart

Reporter:: Yanming Zhou

Votes:: 1 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Jul/10 13:33

Updated:: 26/Jul/10 08:19

Resolved:: 26/Jul/10 08:16