Apache Struts 2 Documentation > Home > Security Bulletins
Apache Struts 2 Documentation
Security Bulletins
Edit Page   Browse Space   Add Page   Add News
Added by Don Brown, last edited by Don Brown on Jul 16, 2007  (view change)

The following security bulletins are available:

  • S2-001Remote code exploit on form validation error
  • S2-002Cross site scripting (XSS) vulnerability on <s:url> and <s:a> tags
  • S2-003XWork ParameterInterceptors bypass allows OGNL statement execution
  • S2-004Directory traversal vulnerability while serving static content
Children Show Children
Generated by Atlassian Confluence (Version: 2.10.3 Build: 1519 Apr 15, 2009) Auto Export Plugin (Version: 1.0.0.beta1)