Child pages
  • S2-042

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Who should read this

All Struts 2 developers and users

Impact of vulnerability

Possible path traversal in the Convention plugin in Struts 2.3.20 - 2.3.30

Maximum security rating

High

Recommendation

Upgrade to Struts 2.3.31 or to any version of Struts 2.5

Affected Software

Struts 2.3.20 - Struts 2.3.3130

Reporter

Takeshi Terada of Mitsui Bussan Secure Directions, Inc.

CVE Identifier

CVE-2016-6795

...