struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fabian Richter <>
Subject Risk by allowing application* params
Date Thu, 07 Aug 2014 09:43:50 GMT

we are wondering why struts params interceptor excludes


as a parameter?

To what kind of vulernatbilities would we open our applications if we 
allow parameters starting with application to be set by struts?

Thank you and best

View raw message