Child pages
  • S2-043

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Who should read this

All Struts 2 developers and users

Impact of vulnerability

Usage of the Config Browser plugin in a production evnironment

Maximum security rating



Please read the Security guideline

Affected Software

Any Struts 2 version


Yelin from Venustech Inc.

CVE Identifier



Usage of the Config Browser in a production environment can lead to exposing vunerable information of the application


Please read our Security guideline and restrict access to the Config Browser or do not use in a production environment!