Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-3470

Remote Command Execution Vulnerability

    Details

      Description

      http://www.exploit-db.com/exploits/14360/

      caused by com.opensymphony.xwork2.interceptor.ParametersInterceptor
      fixed in struts2 trunk
      not fixed in latest build jar

        Attachments

          Activity

            People

            • Assignee:
              lukaszlenart Lukasz Lenart
              Reporter:
              quaff Yanming Zhou
            • Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: