struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "bphillips@ku.edu" <bphill...@ku.edu>
Subject Re: Security Vulnerability When Using SessionAware and Best Practice For Mitigating It
Date Tue, 28 Feb 2012 21:36:57 GMT
Lukasz - I agree with you, but until a new version of Struts 2 is released
that includes a fix for this vulnerability, I'd like to tell Struts 2
developers what to do when implementing the SessionAware interface to
mitigate the vulnerability.

If you could look over what I wrote in the initial post and provide any
feedback on that I'd certainly appreciate your comments.

--
View this message in context: http://struts.1045723.n5.nabble.com/Security-Vulnerability-When-Using-SessionAware-and-Best-Practice-For-Mitigating-It-tp5502292p5523338.html
Sent from the Struts - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message