struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Petrelli" <antonio.petre...@gmail.com>
Subject Re: Preventing OGNL evaluations of user input (was Re: Struts 2 performance)
Date Mon, 16 Jul 2007 16:47:01 GMT
2007/7/16, Martin Cooper <martinc@apache.org>:
> On 7/16/07, Don Brown <mrdon@twdata.org> wrote:
> >
> > I've added a security bulletin to our official Struts 2 documentation to
> > begin to formalize this issue and its solution:
> >
> > http://cwiki.apache.org/confluence/display/WW/S2-001+-+Remote+code+exploit+on+form+validation+error
>
>
> This link doesn't appear to work, at least for me.

It has been renamed to:
http://cwiki.apache.org/confluence/display/WW/S2-001

Antonio

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org


Mime
View raw message