struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Meder Kydyraliev <mede...@gmail.com>
Subject Struts2 remote commands execution
Date Sat, 10 Jul 2010 08:02:42 GMT
There's a critical remote commands execution vulnerability in XWork(used by
Struts2), which fixed in 2.2.0, which isn't released yet but can be
downloaded here: http://people.apache.org/builds/struts/2.2.0/

More details about this vulnerability can be found here:
http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html

Meder

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message