struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Ford <sdf...@gmail.com>
Subject struts 2.1.8.1 XSS vulnerability
Date Fri, 19 Mar 2010 17:53:10 GMT
Just a heads up, there is an XSS vulnerability in struts 2.1.8.1. I
created a JIRA ticket with possible patch:
https://issues.apache.org/jira/browse/WW-3410

I tried to email security@struts.apache.org but received no reply...
not sure if anyone is listening to that alias...

Thanks,
Sean

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org


Mime
View raw message