Summary
Excerpt |
---|
A vulnerability introduced by manipulating parameters prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command execution |
Who should read this | All Struts 2 developers and users |
---|---|
Impact of vulnerability | Remote command execution |
Maximum security rating |
Critical | |
Recommendation | Developers should immediately upgrade to Struts 2.3.15.1 |
---|---|
Affected Software | Struts 2.0.0 - Struts 2.3.15 |
Reporter | Takeshi Terada of Mitsui Bussan Secure Directions, Inc. |
CVE Identifier |
Problem
The Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:", followed by a desired navigational target expression. This mechanism was intended to help with attaching navigational information to buttons within forms.
...