Submit #33: Apache Struts2 S2-057info

TitleApache Struts2 S2-057
DescriptionPossible Remote Code Execution when using results with no namespace and in same time, its upper action(s) have no or wildcard namespace. Same possibility when using url tag which doesn’t have value and action set.
Source⚠️ https://cwiki.apache.org/confluence/display/WW/S2-057
User
 edward.zhong (UID 877)
Submission08/22/2018 16:16 (8 years ago)
StatusAccepted
VulDB entry123145 [Apache Struts up to 2.3.34/2.5.16 Namespace input validation]
Points14

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!