Struts 2
  1. Struts 2
  2. WW-3470

Remote Command Execution Vulnerability

    Details

      Description

      http://www.exploit-db.com/exploits/14360/

      caused by com.opensymphony.xwork2.interceptor.ParametersInterceptor
      fixed in struts2 trunk
      not fixed in latest build jar

        Activity

        Hide
        Lukasz Lenart added a comment - - edited

        This is already solved in 2.2.1

        Show
        Lukasz Lenart added a comment - - edited This is already solved in 2.2.1

          People

          • Assignee:
            Lukasz Lenart
            Reporter:
            zhouyanming
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development