Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-4867

Apache Struts framework 1.1 and 2.x vulnerability clarification

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Temp
    • Status: Closed
    • Trivial
    • Resolution: Not A Problem
    • None
    • None
    • None
    • apache Struts framework 1.1

    Description

      Hello,

      I'm the active user of apache Struts framework 1.1 and 2.x. Recently we learned that there is a vulnerability in Apache Struts' Jakarta Multipart parser as high risk. This may lead to warning of remote code execution (RCE) attacks that were evident at Equifax which lead to complete system compromises. So I would like to take your inputs and understand the recent vulnerability over RCE is also affected 1.1/1.x versions precisely.

      If yes, could you please support with your thoughts over next course of action to resolve the issue?

      Thanks and appreciate your support at the earliest.

      Regards,
      Parthiban

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            ppar3ban@gmail.com Parthiban Palanisamy
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment