Summary
Using the Config Browser plugin in productionWho should read this | All Struts 2 developers and users |
---|---|
Impact of vulnerability | Usage of the Config Browser plugin in a production evnironment |
Maximum security rating | Low |
Recommendation | Please read the Security guideline |
Affected Software | Any Struts 2 version |
Reporter | Yelin from Venustech Inc. |
CVE Identifier |
|
Problem
Usage of the Config Browser in a production environment can lead to exposing vunerable information of the application
Solution
Please read our Security guideline and restrict access to the Config Browser or do not use in a production environment!
Backward compatibility
No backward incompatibility issues are expected.