Getter as action method leads to security bypass
Who should read this
All Struts 2 developers and users
Impact of vulnerability
Possible manipulation of return result and bypassing validation
Maximum security rating
Recommendation
Upgrade to Struts 2.3.29.
Affected Software
Struts 2.3.20 - Struts 2.3.28.1
Reporter
Takeshi Terada websec02 dot g02 at gmail.com
Problem
It is possible to pass a crafted request that bypasses an internal security mechanism and invokes a getter as the action method. The string returned by the getter is then used as the result, which can lead to redirecting the user to an unvalidated location.
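The pattern described above, as an added illustration that is not code from the bulletin or from the Struts project: a Struts 2.3.x action whose ordinary getter becomes reachable as an action method once Dynamic Method Invocation (DMI) is enabled, followed by a hypothetical allowlist interceptor a deployment could use while it upgrades. The class, parameter and method names (ProfileAction, next, getNext, ActionMethodAllowlistInterceptor) are assumptions made for the example; the interceptor is not the fix shipped in 2.3.29.

```java
// Added illustration for this bulletin; not code from the Struts project or
// the bulletin itself. Assumes a Struts 2.3.x application with Dynamic Method
// Invocation (DMI) enabled, so that a request such as /profile!getNext.action
// invokes getNext() instead of execute(). Names are made up for the example.
package example;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class ProfileAction extends ActionSupport {
    private String next;   // populated by the params interceptor from ?next=...

    public void setNext(String next) { this.next = next; }

    // An ordinary getter. It is public and returns a String, so with DMI on it
    // can be selected as the action method and its return value is then used as
    // the result code. A request like /profile!getNext.action?next=success
    // never reaches execute(), so the check there is skipped and the caller
    // picks which <result> fires.
    public String getNext() { return next; }

    @Override
    public String execute() {
        // Intended path: accept only a local, relative target before the
        // SUCCESS result (assumed to be a redirect using ${next}) is selected.
        if (next == null || !next.startsWith("/") || next.startsWith("//")) {
            return INPUT;
        }
        return SUCCESS;
    }
}

/*
 * Hypothetical mitigation for deployments that cannot upgrade immediately:
 * refuse to dispatch to any action method that is not on an explicit
 * allowlist, so getters, setters and other public methods cannot be reached
 * through "!" or "method:". Add it to the interceptor stack in struts.xml and
 * also turn DMI off:
 *   <constant name="struts.enable.DynamicMethodInvocation" value="false"/>
 */
class ActionMethodAllowlistInterceptor extends AbstractInterceptor {
    // Assumed set of legitimate action methods for this application.
    private static final Set<String> ALLOWED =
            new HashSet<String>(Arrays.asList("execute", "input", "save"));

    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        // The method name resolved from the request mapping ("execute" when
        // none was given explicitly).
        String method = invocation.getProxy().getMethod();
        if (method == null || !ALLOWED.contains(method)) {
            return ActionSupport.INPUT;   // do not invoke the requested method
        }
        return invocation.invoke();
    }
}
```

With DMI disabled the "!" suffix and "method:" prefix are no longer honoured, and the interceptor adds a second, explicit boundary so that a future configuration change cannot silently re-expose getters as action methods.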