Child pages
  • S2-062

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Avoid using forced OGNL evaluation on untrusted user input as recommended in the Security Guide! You can upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation, yet this isn't ultimate solution and still forces forced expression evaluation can lead to security degradation.

...